Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://gerflorgroup.sharepoint.com/:f:/r/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5

Overview

General Information

Sample URL:https://gerflorgroup.sharepoint.com/:f:/r/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5
Analysis ID:1467125
Infos:

Detection

Score:2
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Detected non-DNS traffic on DNS port
Detected suspicious crossdomain redirect
HTML body contains low number of good links
HTML title does not match URL

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 3584 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4852 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2340 --field-trial-handle=2296,i,16793354073530369212,4038901630383471587,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6392 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gerflorgroup.sharepoint.com/:f:/r/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cdHTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cd&sso_reload=trueHTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cdHTTP Parser: Title: Redirecting does not match URL
Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cd&sso_reload=trueHTTP Parser: Title: Sign in to your account does not match URL
Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cd&sso_reload=trueHTTP Parser: <input type="password" .../> found
Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cdHTTP Parser: No favicon
Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cdHTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cd&sso_reload=trueHTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cd&sso_reload=trueHTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cd&sso_reload=trueHTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cdHTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cd&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cd&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cd&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49365 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49368 version: TLS 1.2
Source: global trafficTCP traffic: 192.168.2.4:49364 -> 1.1.1.1:53
Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: gerflorgroup.sharepoint.com to https://login.microsoftonline.com:443/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5fid=00000003%2d0000%2d0ff1%2dce00%2d000000000000&response%5fmode=form%5fpost&response%5ftype=code%20id%5ftoken&resource=00000003%2d0000%2d0ff1%2dce00%2d000000000000&scope=openid&nonce=89a415978ca67bc4c207c162a5652d886813f16c0ba377be%2d83fa823685898d87b2e594cb2a280779c93357d0093d93305029ea0200c68ca7&redirect%5furi=https%3a%2f%2fgerflorgroup%2esharepoint%2ecom%2f%5fforms%2fdefault%2easpx&state=od0w&claims=%7b%22id%5ftoken%22%3a%7b%22xms%5fcc%22%3a%7b%22values%22%3a%5b%22cp1%22%5d%7d%7d%7d&wsucxt=1&cobrandid=11bd8083%2d87e0%2d41b5%2dbb78%2d0bc43c8a8e8a&client%2drequest%2did=8bb838a1%2d402c%2d9000%2d3b57%2df687b267f4cd
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 217.20.57.18
Source: unknownTCP traffic detected without corresponding DNS query: 217.20.57.18
Source: unknownTCP traffic detected without corresponding DNS query: 217.20.57.18
Source: unknownTCP traffic detected without corresponding DNS query: 217.20.57.18
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /:f:/r/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5 HTTP/1.1Host: gerflorgroup.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5&CID=3fe29633-5e6a-408a-829e-9afd7241a358 HTTP/1.1Host: gerflorgroup.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /sites/InternationalFinanceSeminar-June2024/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FInternationalFinanceSeminar%2DJune2024%2FShared%20Documents%2FGeneral%3Fcsf%3D1%26web%3D1%26e%3D2fBDL5%26CID%3D3fe29633%2D5e6a%2D408a%2D829e%2D9afd7241a358 HTTP/1.1Host: gerflorgroup.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /_forms/default.aspx?ReturnUrl=%2fsites%2fInternationalFinanceSeminar-June2024%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FInternationalFinanceSeminar%252DJune2024%252FShared%2520Documents%252FGeneral%253Fcsf%253D1%2526web%253D1%2526e%253D2fBDL5%2526CID%253D3fe29633%252D5e6a%252D408a%252D829e%252D9afd7241a358&Source=cookie HTTP/1.1Host: gerflorgroup.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: RpsContextCookie=U291cmNlPSUyRnNpdGVzJTJGSW50ZXJuYXRpb25hbEZpbmFuY2VTZW1pbmFyJTJESnVuZTIwMjQlMkZTaGFyZWQlMjBEb2N1bWVudHMlMkZHZW5lcmFsJTNGY3NmJTNEMSUyNndlYiUzRDElMjZlJTNEMmZCREw1JTI2Q0lEJTNEM2ZlMjk2MzMlMkQ1ZTZhJTJENDA4YSUyRDgyOWUlMkQ5YWZkNzI0MWEzNTg=
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_Q3A1xKaK6oPrhbQSUwvJBQ2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_ixsmqakdnvme1h2u2lb1cq2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/illustration?ts=637486276470461863 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/bannerlogo?ts=638243219943629081 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/illustration?ts=637486276470461863 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/bannerlogo?ts=638243219943629081 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: gerflorgroup.sharepoint.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: login.microsoftonline.com
Source: global trafficDNS traffic detected: DNS query: identity.nel.measure.office.net
Source: global trafficDNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global trafficDNS traffic detected: DNS query: aadcdn.msauthimages.net
Source: global trafficDNS traffic detected: DNS query: autologon.microsoftazuread-sso.com
Source: chromecache_122.2.drString found in binary or memory: https://login.microsoftonline.com
Source: chromecache_122.2.drString found in binary or memory: https://login.windows-ppe.net
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49397 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49388
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49387
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49386
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49385
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49384
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49383
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49382
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49381
Source: unknownNetwork traffic detected: HTTP traffic on port 49378 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49380
Source: unknownNetwork traffic detected: HTTP traffic on port 49374 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49388 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49369 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49384 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 49380 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49365 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49375 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49379
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49378
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49410
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49375
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49374
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49373
Source: unknownNetwork traffic detected: HTTP traffic on port 49379 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49368 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49385 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49381 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49410 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49369
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49402
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49368
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49365
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49395 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49386 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49382 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49398 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49398
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49672
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49397
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49395
Source: unknownNetwork traffic detected: HTTP traffic on port 49394 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49394
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49373 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49387 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49402 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49383 -> 443
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49365 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49368 version: TLS 1.2
Source: classification engineClassification label: clean2.win@22/40@20/7
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2340 --field-trial-handle=2296,i,16793354073530369212,4038901630383471587,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gerflorgroup.sharepoint.com/:f:/r/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2340 --field-trial-handle=2296,i,16793354073530369212,4038901630383471587,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Process Injection		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://gerflorgroup.sharepoint.com/:f:/r/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL50%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://login.microsoftonline.com0%URL Reputationsafe
https://login.windows-ppe.net0%URL Reputationsafe
https://aadcdn.msauthimages.net/c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/bannerlogo?ts=6382432199436290810%Avira URL Cloudsafe
https://aadcdn.msauthimages.net/c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/illustration?ts=6374862764704618630%Avira URL Cloudsafe
https://gerflorgroup.sharepoint.com/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5&CID=3fe29633-5e6a-408a-829e-9afd7241a3580%Avira URL Cloudsafe
https://gerflorgroup.sharepoint.com/sites/InternationalFinanceSeminar-June2024/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FInternationalFinanceSeminar%2DJune2024%2FShared%20Documents%2FGeneral%3Fcsf%3D1%26web%3D1%26e%3D2fBDL5%26CID%3D3fe29633%2D5e6a%2D408a%2D829e%2D9afd7241a3580%Avira URL Cloudsafe
https://gerflorgroup.sharepoint.com/_forms/default.aspx?ReturnUrl=%2fsites%2fInternationalFinanceSeminar-June2024%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FInternationalFinanceSeminar%252DJune2024%252FShared%2520Documents%252FGeneral%253Fcsf%253D1%2526web%253D1%2526e%253D2fBDL5%2526CID%253D3fe29633%252D5e6a%252D408a%252D829e%252D9afd7241a358&Source=cookie0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.210.172
truefalse
    		unknown
    dual-spo-0005.spo-msedge.net
    		13.107.136.10
    		truefalse
      		unknown
      sni1gl.wpc.upsiloncdn.net
      		152.199.21.175
      		truefalse
        		unknown
        sni1gl.wpc.omegacdn.net
        		152.199.21.175
        		truefalse
          		unknown
          www.google.com
          		142.250.185.68
          		truefalse
            		unknown
            s-part-0032.t-0009.t-msedge.net
            		13.107.246.60
            		truefalse
              		unknown
              fp2e7a.wpc.phicdn.net
              		192.229.221.95
              		truefalse
                		unknown
                autologon.microsoftazuread-sso.com
                		40.126.32.140
                		truefalse
                  		unknown
                  aadcdn.msauthimages.net
                  		unknown
                  		unknownfalse
                    		unknown
                    identity.nel.measure.office.net
                    		unknown
                    		unknownfalse
                      		unknown
                      aadcdn.msftauth.net
                      		unknown
                      		unknownfalse
                        		unknown
                        login.microsoftonline.com
                        		unknown
                        		unknownfalse
                          		unknown
                          gerflorgroup.sharepoint.com
                          		unknown
                          		unknownfalse
                            		unknown

                            Contacted URLs

                            NameMaliciousAntivirus DetectionReputation
                            https://aadcdn.msauthimages.net/c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/illustration?ts=637486276470461863false
                            • Avira URL Cloud: safe
                            		unknown
                            https://gerflorgroup.sharepoint.com/:f:/r/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5false
                              		unknown
                              https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cd&sso_reload=truefalse
                                		unknown
                                https://gerflorgroup.sharepoint.com/sites/InternationalFinanceSeminar-June2024/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FInternationalFinanceSeminar%2DJune2024%2FShared%20Documents%2FGeneral%3Fcsf%3D1%26web%3D1%26e%3D2fBDL5%26CID%3D3fe29633%2D5e6a%2D408a%2D829e%2D9afd7241a358false
                                • Avira URL Cloud: safe
                                		unknown
                                https://gerflorgroup.sharepoint.com/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5&CID=3fe29633-5e6a-408a-829e-9afd7241a358false
                                • Avira URL Cloud: safe
                                		unknown
                                https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cdfalse
                                  		unknown
                                  https://gerflorgroup.sharepoint.com/_forms/default.aspx?ReturnUrl=%2fsites%2fInternationalFinanceSeminar-June2024%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FInternationalFinanceSeminar%252DJune2024%252FShared%2520Documents%252FGeneral%253Fcsf%253D1%2526web%253D1%2526e%253D2fBDL5%2526CID%253D3fe29633%252D5e6a%252D408a%252D829e%252D9afd7241a358&Source=cookiefalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://aadcdn.msauthimages.net/c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/bannerlogo?ts=638243219943629081false
                                  • Avira URL Cloud: safe
                                  		unknown

                                  URLs from Memory and Binaries

                                  NameSourceMaliciousAntivirus DetectionReputation
                                  https://login.microsoftonline.comchromecache_122.2.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://login.windows-ppe.netchromecache_122.2.drfalse
                                  • URL Reputation: safe
                                  		unknown

                                  World Map of Contacted IPs

                                  • No. of IPs < 25%
                                  • 25% < No. of IPs < 50%
                                  • 50% < No. of IPs < 75%
                                  • 75% < No. of IPs

                                  Public IPs

                                  IPDomainCountryFlagASNASN NameMalicious
                                  142.250.185.68
                                  		www.google.comUnited States
                                  		15169GOOGLEUSfalse
                                  13.107.136.10
                                  		dual-spo-0005.spo-msedge.netUnited States
                                  		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                  13.107.246.60
                                  		s-part-0032.t-0009.t-msedge.netUnited States
                                  		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                  239.255.255.250
                                  		unknownReserved
                                  		unknownunknownfalse
                                  152.199.21.175
                                  		sni1gl.wpc.upsiloncdn.netUnited States
                                  		15133EDGECASTUSfalse

                                  Private

                                  IP
                                  192.168.2.9
                                  192.168.2.4

                                  General Information

                                  Joe Sandbox version:40.0.0 Tourmaline
                                  Analysis ID:1467125
                                  Start date and time:2024-07-03 18:08:42 +02:00
                                  Joe Sandbox product:CloudBasic
                                  Overall analysis duration:0h 3m 24s
                                  Hypervisor based Inspection enabled:false
                                  Report type:full
                                  Cookbook file name:browseurl.jbs
                                  Sample URL:https://gerflorgroup.sharepoint.com/:f:/r/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5
                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                  Number of analysed new started processes analysed:8
                                  Number of new started drivers analysed:0
                                  Number of existing processes analysed:0
                                  Number of existing drivers analysed:0
                                  Number of injected processes analysed:0
                                  Technologies:
                                  • HCA enabled
                                  • EGA enabled
                                  • AMSI enabled
                                  Analysis Mode:default
                                  Analysis stop reason:Timeout
                                  Detection:CLEAN
                                  Classification:clean2.win@22/40@20/7
                                  EGA Information:Failed
                                  HCA Information:
                                  • Successful, ratio: 100%
                                  • Number of executed functions: 0
                                  • Number of non-executed functions: 0

                                  Warnings

                                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                  • Excluded IPs from analysis (whitelisted): 142.250.185.131, 142.250.186.78, 64.233.184.84, 34.104.35.123, 40.126.32.68, 20.190.160.17, 40.126.32.76, 20.190.160.20, 20.190.160.22, 40.126.32.138, 40.126.32.140, 40.126.32.74, 2.16.164.19, 2.16.164.121, 40.126.31.67, 20.190.159.4, 20.190.159.0, 40.126.31.69, 20.190.159.68, 20.190.159.64, 20.190.159.75, 20.190.159.71, 20.114.59.183, 199.232.210.172, 142.250.185.138, 172.217.16.202, 216.58.212.138, 142.250.186.170, 142.250.185.170, 142.250.185.106, 142.250.186.74, 172.217.18.106, 172.217.18.10, 142.250.185.234, 172.217.23.106, 142.250.186.106, 142.250.185.202, 142.250.185.74, 142.250.184.234, 216.58.206.74, 20.50.73.11, 40.126.31.71, 20.190.159.2, 20.190.159.73, 192.229.221.95, 20.166.126.56, 20.50.80.214, 20.3.187.198, 13.85.23.206, 142.250.186.131, 104.124.11.56, 104.124.11.27
                                  • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, ak.privatelink.msidentity.com, a1894.dscb.akamai.net, clients2.google.com, ocsp.digicert.com, login.live.com, aadcdn.azureedge.net, aadcdn.ec.azureedge.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, onedscolprdneu07.northeurope.cloudapp.azure.com, login.mso.msidentity.com, onedscolprdneu11.northeurope.cloudapp.azure.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, www.tm.ak.prd.aadg.trafficmanager.net, prdv4a.aadg.msidentity.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, aadcdnoriginwus2.azureedge.net, ctldl.windowsupdate.com.delivery.microsoft.com, www.tm.v4.a.prd.aadg.akadns.net, www.tm.ak.prd.aadg.akadns.net, 189047-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net, ctldl.windowsupdate.com, aadcdn.msauth.net, firstparty-azurefd-prod.trafficmanager.net, login.msa.msiden
                                  • Not all processes where analyzed, report is missing behavior information
                                  • Report size getting too big, too many NtSetInformationFile calls found.
                                  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                  • VT rate limit hit for: https://gerflorgroup.sharepoint.com/:f:/r/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5

                                  Simulations

                                  Behavior and APIs

                                  No simulations

                                  LLM Input / Output

                                  InputOutput
                                  URL: https://login.microsoftonline.com/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D0000000 Model: Perplexity: mixtral-8x7b-instruct
                                  {"loginform": true,"urgency": false,"captcha": false,"reasons": ["The text 'Sign in to your account' suggests the presence of a login form.","There is no language in the text that creates a sense of urgency.","There is no mention or indication of a CAPTCHA or any other anti-robot detection mechanism.","The webpage contains a form field for entering an email address, which is a type of sensitive information, and a 'Sign-in' button, both of which are common elements of a login form."]}
                                  Title: Sign in to your account OCR: Gerflor Sign in someone@example.com Can't access ur account? Back Next Sign-in options Terms of use Privacy &
                                  URL: https://login.microsoftonline.com Model: gpt-4o
                                  ```json{  "phishing_score": 1,  "brands": "Microsoft",  "phishing": false,  "suspicious_domain": false,  "has_prominent_loginform": true,  "has_captcha": false,  "setechniques": false,  "has_suspicious_link": false,  "legitmate_domain": "microsoftonline.com",  "reasons": "The URL 'https://login.microsoftonline.com' is a legitimate domain associated with Microsoft, specifically used for Microsoft online services login. The login page design and layout appear consistent with Microsoft's branding and design standards. There are no obvious signs of social engineering techniques or suspicious links. The presence of a prominent login form is expected for a legitimate login page. Therefore, based on the analysis, this site is determined to be legitimate."}

                                  Joe Sandbox View / Context

                                  IPs

                                  No context

                                  Domains

                                  No context

                                  ASNs

                                  No context

                                  JA3 Fingerprints

                                  No context

                                  Dropped Files

                                  No context

                                  Created / dropped Files

                                  Chrome Cache Entry: 120

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 850x566, components 3
                                  Category:dropped
                                  Size (bytes):280036
                                  Entropy (8bit):7.979087659344012
                                  Encrypted:false
                                  SSDEEP:6144:kmk7WFkMpFSLHWj/kMMV97gsO6TCtkIzpjCulIGkwL0pMviSoP2C0+:tk7WF/pFyy509EsG6INVIGf02aSoPp0+
                                  MD5:BEF64835784355D96696C45F6C4D3094
                                  SHA1:4D64D50656FBA7C636EBAF0C1D35BB49CC1ABE6D
                                  SHA-256:F0C1EB382034618A6A9DD158AFEC6B5B8EE710E96E4B1BF2CF58E407BA3D5102
                                  SHA-512:B41F36B10445C3A84AFA3005D3DF1037D72C0CA549482CF4FBF133F3A1C582203084F581D57430A3E98D4D57070E8B6490E55B20ED3C9AD5E91D0006A825B05D
                                  Malicious:false
                                  Reputation:low
                                  Preview:......JFIF.....H.H.....C....................................................................C.......................................................................6.R............................................D.........................!1..A"Q..2aq#..B..R....$3b...r.%C..4.Sc..................................;......................!1.A.Qa.."q.......2...#B3RCSbr..$4.............?..]<IS"M...........{.0X..Q.b..M..ebO..7O...q..*/m........}..F.%d..0..[dhsD.W..........l...!.YE.o.=UX.p..d.l..........E....[...K!.......3...48.p..G...LF.Y.C..@..>...{.3.Y......(t..4.}_..$...*....V.s..zn.5.....~..0.1*..Z..i..d...h\H..*.v...2I....../..'.TU../.erI!A..?......nU).6._.z.......ME.. ..M....".....+.$.....=GO.Y..,....E...8....B..J..K).bdm.%>..7.....H....\d.\..#.[5..%CX.......2..h....$}d.... .B.7*.+....mZ...c...,.^.....:..(3idp$...t...?....|....ADUi..^M@ ....\...;..n.%...h.~N4f.m..4.....a.. ....b..).SK...I........'(.h......}=..~B.....&...~...$@.T1.U...|.8.6HP.\@Tz..Z...U...>..

                                  Chrome Cache Entry: 121

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 190152
                                  Category:downloaded
                                  Size (bytes):61052
                                  Entropy (8bit):7.996159932827634
                                  Encrypted:true
                                  SSDEEP:1536:HQaq1Q7XOos5ZBIp+1Zr52IGmCJijm1qAxTe9wzf:fq1HoUBIpU5TG7JSmwuTe+b
                                  MD5:C1E82BF71ADD622AD0F3BF8572F634FC
                                  SHA1:6CA863D4CAB96669202548D301693B3F5F80B0D5
                                  SHA-256:BA48AF15D297DB450DC4870242482145ADDB2D18375A4871C490429E2DC5464A
                                  SHA-512:820A7F8A0C8EA33A8FE1E90CDC35F45DC1E143E836B0D8EA047E1E312F8CAEC72CDEE4E7DB54760A4D749CD0ACFE103A27E39A9A56EB2D704E448A67B0D0C079
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
                                  Preview:...........iw.F.0.....'W...4)/qH#..D.L.EK...................().}.{..@.z........Qz.,..Ox.....i4..S.&.p......9..W....);a.].a....Y......Y<,.n..."`Is....5....P..|.-..x1.F...@...yRlG.O..5.Q.|.gy.c.^....r.EC.....xd.oL..$./..|3.......r^.j.}...M... )x.D.....%.....B..t....vZ....2L......px.G.1.*.lZYh...$.....,.../.a..;Q...._..#.....e.T.:trA_.0.:.f...........(I.x?.S...<7...o..0.`r.x.+.2..o+...4/..vzY7.C'.....!.r..4n....]P.+a..........._.8,..G>...{.4B....o.9.....r......X3..U.....'.0.@...lrX....r.W\e...].}....(.l......=........3....S..........^=D..[.zw6..e...<WQ.w.(.X..S....>.^.....^B..O-.(..U.R;h..v.......4.Dc .?..z....r.._.Y......M.a.?,...?..U.....OF.w\h$.Q..5....Q.Oj ....5U..8..Y......gYZM....y..OrY.z]B..y..;o.....oT.r...H..{K...Y&Q.......*..W....N4.......].0m..m........E.bc..~..e.. .nzS.i3^......).,Y}.=1H...... V...g.)....X..G...C....@o,.i.~...as...ehEH....u9l.2...y\J.?.(.I.q%..F#..D../>pr$...,...m.6..:,<s..~S.fl;k.'<..}z.Y.

                                  Chrome Cache Entry: 122

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:HTML document, ASCII text, with very long lines (3437), with CRLF line terminators
                                  Category:downloaded
                                  Size (bytes):3439
                                  Entropy (8bit):5.12253249098629
                                  Encrypted:false
                                  SSDEEP:96:3qO9I9Sz9KHULMO34UiEBGLosqAsosushswsosry:a2IYz95oTEBac
                                  MD5:6635D7000669B3B00D3577DB7EE58F5D
                                  SHA1:7DB793D847EDC78B731185C85AD93BA4761D139B
                                  SHA-256:4E52043A45804E7CDB6C9D09A0F64A4293082E6F32BB3D689BE4822A6E18BACB
                                  SHA-512:FE3D01776B8D98E975D4DB6E956196B0D5602563E0252BD960A5A739D591F3AC96F5F2EF48EF6B49286822D80106932C104B324BD355EBE1D2FEFCB124D5866B
                                  Malicious:false
                                  Reputation:low
                                  URL:https://login.live.com/Me.htm?v=3
                                  Preview:<script type="text/javascript">!function(t,e){for(var s in e)t[s]=e[s]}(this,function(t){function e(n){if(s[n])return s[n].exports;var i=s[n]={exports:{},id:n,loaded:!1};return t[n].call(i.exports,i,i.exports,e),i.loaded=!0,i.exports}var s={};return e.m=t,e.c=s,e.p="",e(0)}([function(t,e){function s(t){for(var e=f[S],s=0,n=e.length;s<n;++s)if(e[s]===t)return!0;return!1}function n(t){if(!t)return null;for(var e=t+"=",s=document.cookie.split(";"),n=0,i=s.length;n<i;n++){var a=s[n].replace(/^\s*(\w+)\s*=\s*/,"$1=").replace(/(\s+$)/,"");if(0===a.indexOf(e))return a.substring(e.length)}return null}function i(t,e,s){if(t)for(var n=t.split(":"),i=null,a=0,r=n.length;a<r;++a){var c=null,S=n[a].split("$");if(0===a&&(i=parseInt(S.shift()),!i))return;var l=S.length;if(l>=1){var p=o(i,S[0]);if(!p||s[p])continue;c={signInName:p,idp:"msa",isSignedIn:!0}}if(l>=3&&(c.firstName=o(i,S[1]),c.lastName=o(i,S[2])),l>=4){var f=S[3],d=f.split("|");c.otherHashedAliases=d}if(l>=5){var h=parseInt(S[4],16);h&&(c.

                                  Chrome Cache Entry: 123

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:JSON data
                                  Category:dropped
                                  Size (bytes):72
                                  Entropy (8bit):4.241202481433726
                                  Encrypted:false
                                  SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                  MD5:9E576E34B18E986347909C29AE6A82C6
                                  SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                  SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                  SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                  Malicious:false
                                  Reputation:low
                                  Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                  Chrome Cache Entry: 124

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
                                  Category:downloaded
                                  Size (bytes):621
                                  Entropy (8bit):7.673946009263606
                                  Encrypted:false
                                  SSDEEP:12:Xp7fmqfW/e4YC2L0E5DZLB62y/+6lbPa1Gotq8mdd2Xmy2QLBwxD+QkCfBJ:Xp6qf2SCk3LBpy/rtPa1GKq8mOX5jLcD
                                  MD5:4761405717E938D7E7400BB15715DB1E
                                  SHA1:76FED7C229D353A27DB3257F5927C1EAF0AB8DE9
                                  SHA-256:F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
                                  SHA-512:E8DAC6F81EB4EBA2722E9F34DAF9B99548E5C40CCA93791FBEDA3DEBD8D6E401975FC1A75986C0E7262AFA1B9D1475E1008A89B92C8A7BEC84D8A917F221B4A2
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
                                  Preview:..........}UMo"1..+.....G; .8l...M..$.U.AW......UaX..`'.=......|..z3...Ms>..Y...QB..W..y..6.......?..........L.W=m....=..w.)...nw...a.z......#.y.j...m...P...#...6....6.u.u...OF.V..07b..\...s.f..U..N..B...>.d.-z..x.2..Lr.Rr)....JF.z.;Lh.....q.2.A....[.&".S..:......]........#k.U#57V..k5.tdM.j.9.FMQ2..H:.~op..H.......hQ.#...r[.T.$.@........j.xc.x0..I.B:#{iP1.e'..S4.:...mN.4)<W.A.).g.+..PZ&.$.#.6v.+.!...x*...}.._...d...#.Cb..(..^k..h!..7.dx.WHB......(.6g.7.Wwt.I<.......o.;.....Oi$}f.6.....:P..!<5.(.p.e.%et.)w8LA.l9r..n.....?.F.DrK...H....0F...{.,.......{E.."....*...x.@..?u......../....8...

                                  Chrome Cache Entry: 125

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 184x60, components 3
                                  Category:dropped
                                  Size (bytes):6877
                                  Entropy (8bit):7.780344901379895
                                  Encrypted:false
                                  SSDEEP:96:u9WEzSkOpqBQ8FlzY0LyKTMiXjf+zK4PQNx288Y1TIt9W+Cd/Jc0WDyMfXBwAAue:Hhk28DUQy+PXjfcUTcbi69DVfxwC4pRb
                                  MD5:34D1BE34BA8576F87FC24E4D60E81AD8
                                  SHA1:E09217159639F74F4C02F39E2F5A67881EC3AE9F
                                  SHA-256:50A8693713F26AA04CAD94220D1126C7350038FB9C904B4D4485A97E2565D536
                                  SHA-512:1F6F38EE8579413EE2463927C8E913AAD3CD0A73723CB7281FA2EA3E9E2118AD97A5813BD8725E803479327868AE10E97F37C664DA44CBC73D463A44D09AF370
                                  Malicious:false
                                  Reputation:low
                                  Preview:......JFIF.....`.`....."Exif..MM.*.........................C....................................................................C.......................................................................<...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?......\}).v...........7..M..N...7.'.O....wx....j...xo$2*..IS.Ua[a..V4..X.$.....J?......m..Z..>"....Z.I.#.;..B|.d<s!.W.G.?...........+._./..-'~.../.D~."yj.H.~e~._.o...(/.%k.....x..>*......Ve.......9...|.6IfE\.*.......c...\|].....k."....XA'.Tb.,..$.$...}...-.X..7..q.R......_.x...V........t.C..S...NG.2,..\m...Z.^...t...`...

                                  Chrome Cache Entry: 126

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113355
                                  Category:downloaded
                                  Size (bytes):20390
                                  Entropy (8bit):7.9794389214686126
                                  Encrypted:false
                                  SSDEEP:384:ekqQ8rNFEhCgMyL2iww6oIR8mWG+Pu9Z5IMU7ULgCsHqZl3v:9CGEiL/w7R8DW9Z5BU7UMZHqv
                                  MD5:5EDF83D03EA7B67BD2F35472E435D17E
                                  SHA1:737BF84D2931906E6700439FD90CE6147633B0D0
                                  SHA-256:6524138B61AAF24DEADDA7C64AF577789C350C1ED90C48B6482011323C455513
                                  SHA-512:DE3F83D1C11E1498C2D83DD72374755385DE76F870F54A2698D22DC7CE2F85B685690C93128A9A68D43DB94B7CCE1C45072521A5912E97F4FCACD341F162FA45
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css
                                  Preview:...........}ks.6.....\.R;.J.H=-WR;..&>g^53.G.R[.DY<C..$e.WG..... )...{+'g...l............bw_f7.:x..<x.-.*V5)/wE..Y...gy.0.*(.*-o.e.|..._..I.....?<{.!x...W..._..^..p..E..'..Y...<.....*]..6(. ..D..*...Y.......:.ve.?..!..|t...].+.......a.......|.P...u.H.d.d.r.c[..~.L..n.-.}e.H3...r..^..iP.u.*.z.....)..Z.jx..C'......u..{.C...N.o.m~..F(b..f.....h..O.....6....kr.......n2m M$.R..R..i{.~...*..n.dKY..#.Kn.4..G...O..l.#.a=..iU..].S.2.wY..O.|...Z.A....].uU.._%U.<...pp..u=.....C.R..S.....0...A<......&...W..'o.T.."..jO..^+.....DiW.b..7i..7..........lKe.0.~B0.....zQu#...YB.,.{*.&.6..G.6..._...J.i.?.LS$( .^.{..u.-.0....K....M&j..s.yB..+....^.)...7e.....]..eFI_.kRX.B......D[.4......+.u=>....R.`QEK...R..d...*S.. ,c5RKBK(......][..eF{T.....6...".....Uk:..S.0Ro.}B.dwJZ}U..S.F.....&.&.~|......{..Ep.>x..._....}p..=.}...v...7?}...g..1&.......}...^...o.x.>x...../.^....._.........w.v./.........BA...{J..w..$?.}w....?zO.r..5...7.gl..z...g.?.{....R.......yGj

                                  Chrome Cache Entry: 127

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:ASCII text, with no line terminators
                                  Category:downloaded
                                  Size (bytes):36
                                  Entropy (8bit):4.503258334775644
                                  Encrypted:false
                                  SSDEEP:3:Eq62iczBr9ks:EqdiczBys
                                  MD5:06B313E93DD76909460FBFC0CD98CB6B
                                  SHA1:C4F9B2BBD840A4328F85F54873C434336A193888
                                  SHA-256:B4532478707B495D0BB1C21C314AEF959DD1A5E0F66E52DAD5FC332C8B697CBA
                                  SHA-512:EFD7E8195D9C126883C71FED3EFEDE55916848B784F8434ED2677DF5004436F7EDE9F80277CB4675C4DEB8F243B2705A3806B412FAA8842E039E9DC467C11645
                                  Malicious:false
                                  Reputation:low
                                  URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwmCAmly1gHbXRIFDdFbUVISBQ1Xevf9?alt=proto
                                  Preview:ChgKDQ3RW1FSGgQIVhgCIAEKBw1Xevf9GgA=

                                  Chrome Cache Entry: 128

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 15755
                                  Category:downloaded
                                  Size (bytes):5531
                                  Entropy (8bit):7.959252561748488
                                  Encrypted:false
                                  SSDEEP:96:VTDmMXgt+DupJVNRosjYrjoWYyu1rj2rtPz7PR4Ta1w/tK51+FPsMj+m7CvZN8FJ:FDmMwQDupJposcrjoWYj2rtL7PGOCtRp
                                  MD5:20C932851211BE4254786E0812D655B8
                                  SHA1:98292BF09A8031CB5F70B85357A4DB7054F7886F
                                  SHA-256:DE1485F02216071216CC6D4D8C3DABD276DA0047F425561D91FF160348E826AD
                                  SHA-512:E18C02477E6AD71FA74865EEF21A71429E3B54453F7E7562563DEF359A9D6BD87433C643B4D35FDDFF41C67E54E096FD8765EE53AD51B1148A0F9C445A4FE7FC
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js
                                  Preview:...........[}w.F...?.b.(..c.i....q....c.%..Mrt..I..(.l.....3 ..d...$...s..}....i.....G...{.e[..\7.+.}.>\.:.......7.6....9p...(.D..a..Q.\hS...n...h.....I...S...H.h...^3...+7I.Z......?.C..F..?OR-.R..57.$../...,.x..O..D...I$.Q.%|..;l"f._.in.5.Sm.%.D.ai]......QHp...{@8....8........5Q....+dD.:.Z.i.h.Q_......6.r../..o6L..c.....A.E.O4.,A.k.!.....8qCby.....'.Oy.20.....Oc."O.4..(.y@w+....[..h.W...Y_.f|wt.....cSMM.4.....O'..5...^4......[..;..{...P....l.j6..Z3..~..uU.~g..W9./.....tC.G.C........3...4..A..o...b.bl.......>....._..h.f.ep.2a>..,G..,...d..G&....dn.....j$..uB.z...Y...d.M.H...r.RA..).g.@.. ...1.......Y..).....s5..v...IN..5../tH..p<..-o.......`&M7uA;..(.@.......,.\.?f.0..[3@...D..|......wi2...=.n!.].)..E7.... .#........8(...?@.G.TO$m.cI^.9...}Z......Zn.d..t]..cC7t.9...=.(..c..h..l..fIp.......O.6.,....G.It.!.g#...l.$\W8...7.s.....{~"..k..X....q......l.>x..={f.n..W.....c..Q..I?..;a..MS>.!5v.h.B+.......q...z.q..^o.>..@..O....X.vd.4.z..Y...

                                  Chrome Cache Entry: 129

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
                                  Category:dropped
                                  Size (bytes):621
                                  Entropy (8bit):7.673946009263606
                                  Encrypted:false
                                  SSDEEP:12:Xp7fmqfW/e4YC2L0E5DZLB62y/+6lbPa1Gotq8mdd2Xmy2QLBwxD+QkCfBJ:Xp6qf2SCk3LBpy/rtPa1GKq8mOX5jLcD
                                  MD5:4761405717E938D7E7400BB15715DB1E
                                  SHA1:76FED7C229D353A27DB3257F5927C1EAF0AB8DE9
                                  SHA-256:F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
                                  SHA-512:E8DAC6F81EB4EBA2722E9F34DAF9B99548E5C40CCA93791FBEDA3DEBD8D6E401975FC1A75986C0E7262AFA1B9D1475E1008A89B92C8A7BEC84D8A917F221B4A2
                                  Malicious:false
                                  Reputation:low
                                  Preview:..........}UMo"1..+.....G; .8l...M..$.U.AW......UaX..`'.=......|..z3...Ms>..Y...QB..W..y..6.......?..........L.W=m....=..w.)...nw...a.z......#.y.j...m...P...#...6....6.u.u...OF.V..07b..\...s.f..U..N..B...>.d.-z..x.2..Lr.Rr)....JF.z.;Lh.....q.2.A....[.&".S..:......]........#k.U#57V..k5.tdM.j.9.FMQ2..H:.~op..H.......hQ.#...r[.T.$.@........j.xc.x0..I.B:#{iP1.e'..S4.:...mN.4)<W.A.).g.+..PZ&.$.#.6v.+.!...x*...}.._...d...#.Cb..(..^k..h!..7.dx.WHB......(.6g.7.Wwt.I<.......o.;.....Oi$}f.6.....:P..!<5.(.p.e.%et.)w8LA.l9r..n.....?.F.DrK...H....0F...{.,.......{E.."....*...x.@..?u......../....8...

                                  Chrome Cache Entry: 130

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 448825
                                  Category:downloaded
                                  Size (bytes):121952
                                  Entropy (8bit):7.997437972222869
                                  Encrypted:true
                                  SSDEEP:1536:3tqySXm+F/NQcswU9911/RZj+GuzdcX4doW9D/XkunoUbo/l/FCQm+TGOyycMraY:3t7+FlIJFX499D2UyFCQm+lyBMra6D
                                  MD5:828EF9B94FCC85C0510CC7E2E1B4F707
                                  SHA1:A6AE0DF2CAAC50E9CB834ED8066514C786E28173
                                  SHA-256:746B9E91098F4F3CFC9A9A1C57088ECCBC85681EBFCD96BDF4FE075F4F555C11
                                  SHA-512:A614D0831A60E436F6A8A6AC5B7157BD93FB22DEA9019B47DB5249138D7761B3F8695F456776E8F53376BBCA7CBE2871C6A9F6D9234033695BA6D2142D8C0912
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_Q3A1xKaK6oPrhbQSUwvJBQ2.js
                                  Preview:...........m[.H....~...1v#\......@.....K1<..6jd.+........R.LU...=.\.laeF.EFFFDFF~.e....R....*....uepR..rzuT.....\..O..?^.6.....'.......9..*QX....Q<.b'eIe....T.q4....2..?..&..OR(4bA.\.Bu.W.t...rzY.C..j.'~...h.....J....*N.Qm.|....C.....}...n.%.8...e..4..!..^qbVIXZ.Gq...Q...R.P3.....O....i../.....9...Da.ZW:.U..-...F..h.z....'...4.v0=......^.f..'.b.T"..+....^a/3.H...$vBD.l.&..MY..<FEG...:......K.h6c..-U..'...R.3..F..Rm.fg.h..f.g=..,.>|....|Tw.../.O.'....08.......&....U.......h...l.R..i............A.......:py|...C.;Ve...]..!|Eq........q........]... .....N..dg....mr..F.j.0.i...X..I..!.d.....}......s..mo...<y....R..m.`.R .J\..*c=.*..6..c..F5x.......=........Z......K....e,.24D...\.o.Z..y.V.w....br@.mL.....e.".Z,.....B..T..S=....#...<my"z..z...[5.{q.*...E}C.[.b..&..-...1..Z...w..s..R.....m....k.I....+...Re....T\.8`g.0.F...TL}<..:Nt........`?....`Zb.S.S..}=$.;.Y.Z...n."..)}..K.{0...._..a-..L...I)U....+y..H..5.\.G..9.].z{.>',=...%.^...3eU.....7e..Q2$JNx....

                                  Chrome Cache Entry: 131

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:GIF image data, version 89a, 352 x 3
                                  Category:dropped
                                  Size (bytes):3620
                                  Entropy (8bit):6.867828878374734
                                  Encrypted:false
                                  SSDEEP:48:ZumKaT5ezv47j2/ZiRDlq16x8XvEUcg777shHdpHVGJqFd:Eal647jPDlL8XvEUcg77kVGyd
                                  MD5:B540A8E518037192E32C4FE58BF2DBAB
                                  SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                  SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                  SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                  Malicious:false
                                  Reputation:low
                                  Preview:GIF89a`.........iii!.......!.&Edited with ezgif.com online GIF maker.!..NETSCAPE2.0.....,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....`.....9..i....Q4......H..j.=.k9-5_..........j7..({.........!.......,....`.....9.......trV.......H....`.[.q6......>.. .CZ.&!.....M...!.......,....`.....8..........:......H..jJ..U..6_....../.el...q.)...*..!.......,....`.....9.....i..l.go.....H..*".U...f......._......5......n..!.......,....`.....:..i......./.....H...5%.kE/5.........In.a..@&3.....J...!.......,....`.....9.......kr.j.....H..*.-.{Im5c..............@&.........!.......,....`.....9.........j..q....H...].&..\.5.........8..S..........!.......,....`.....9.......3q.g..5....H...:u..............Al..x.q.........!.......,....`.....9......\.F....z....H...zX...ov.........h3N.x4......j..!.......,....`.....9........Q.:......H....y..^...1.........n.!.F......E...!.......,....`.....8.........i,......H....*_.21.I.........%...

                                  Chrome Cache Entry: 132

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 406986
                                  Category:downloaded
                                  Size (bytes):116351
                                  Entropy (8bit):7.9975788994031465
                                  Encrypted:true
                                  SSDEEP:1536:cEdtt9lZgVnh9Mq+S8ECUVjeJ9uBGB6QFM2lNSXkbva7/rF3I0nAiW7zMpFOfFlp:f5R6Mq74i6P6r2lNxcrhfnPXFmD6zJk
                                  MD5:FEDAFBAC6D003C0D0DCA6F46FC3305C2
                                  SHA1:19A766D07F77FB5A37435FB94001E6170382DF36
                                  SHA-256:15D89CD4219307695E0C0E02D0A852BCE5F1549DC1C48D0116ED05EEA0747461
                                  SHA-512:E7175F8E39F1AB98B8419FAC92619F1776F93225CEFDDE1A5E4629073677ADD25B2EA77AE113E64EB03A4CF7E58347872D81892DD31BDD0403D2C2DEBA421F19
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
                                  Preview:...........}[[.H........-...."#<$!=.$...{z..O.e..<.pi....Z....,.I.>..L...K....W.....l.._.....r.r...w.S............`...b.E..7....v#>..~%.+.?..Y..1.*S..z.2..i%...,...A.U&^..G.|..UL...VN.0~...Z...Cm....`.......7....Rm...#^I.!.+wco0.|..a........n..(...&X..y%.qe...X..Q9.....-FT.:..............8K`..M.O..Z'....>T...$...x<....6...|.U.].&....f..[..dR..xX.....~?....r..>N.j....9.r?f0y.>.~.x..t.F.*<...Opm..;/....*..Q.._...n.:...f....q<...../.'.A0........o0.....O>m|.....\....zPy.L].Wm......S5.'0.........O.~....._...a7...;..7...S.l>..[.Y.....>;.C....j[0W>,.y9J.....g..x........._.~....g.b.......\...T).8^.<.ag.M`A..o4u...?.v....8....'......:q.6Y..]6...T}P..'!...,..d..F4....8|..]odVcK~.5B........*.i.u.,..%.c.7<..N..T../.f...o...N2.......:h.ew..x.bo.$...6.(..=z..........frk.F.7IB^R.z..~..u...A..>&<4......M.#(.Xt.......k...i.f...,C.q..bY..K#...^.!p..E..j....m.....}IX...7.k\q.z..G..X......y.d..\R.]V.......b.0.o....7..piC.../.px..j..r2.....R.j5m..s..Dw^

                                  Chrome Cache Entry: 133

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
                                  Category:downloaded
                                  Size (bytes):17174
                                  Entropy (8bit):2.9129715116732746
                                  Encrypted:false
                                  SSDEEP:24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO
                                  MD5:12E3DAC858061D088023B2BD48E2FA96
                                  SHA1:E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
                                  SHA-256:90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
                                  SHA-512:C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
                                  Preview:..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""

                                  Chrome Cache Entry: 134

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 850x566, components 3
                                  Category:downloaded
                                  Size (bytes):280036
                                  Entropy (8bit):7.979087659344012
                                  Encrypted:false
                                  SSDEEP:6144:kmk7WFkMpFSLHWj/kMMV97gsO6TCtkIzpjCulIGkwL0pMviSoP2C0+:tk7WF/pFyy509EsG6INVIGf02aSoPp0+
                                  MD5:BEF64835784355D96696C45F6C4D3094
                                  SHA1:4D64D50656FBA7C636EBAF0C1D35BB49CC1ABE6D
                                  SHA-256:F0C1EB382034618A6A9DD158AFEC6B5B8EE710E96E4B1BF2CF58E407BA3D5102
                                  SHA-512:B41F36B10445C3A84AFA3005D3DF1037D72C0CA549482CF4FBF133F3A1C582203084F581D57430A3E98D4D57070E8B6490E55B20ED3C9AD5E91D0006A825B05D
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauthimages.net/c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/illustration?ts=637486276470461863
                                  Preview:......JFIF.....H.H.....C....................................................................C.......................................................................6.R............................................D.........................!1..A"Q..2aq#..B..R....$3b...r.%C..4.Sc..................................;......................!1.A.Qa.."q.......2...#B3RCSbr..$4.............?..]<IS"M...........{.0X..Q.b..M..ebO..7O...q..*/m........}..F.%d..0..[dhsD.W..........l...!.YE.o.=UX.p..d.l..........E....[...K!.......3...48.p..G...LF.Y.C..@..>...{.3.Y......(t..4.}_..$...*....V.s..zn.5.....~..0.1*..Z..i..d...h\H..*.v...2I....../..'.TU../.erI!A..?......nU).6._.z.......ME.. ..M....".....+.$.....=GO.Y..,....E...8....B..J..K).bdm.%>..7.....H....\d.\..#.[5..%CX.......2..h....$}d.... .B.7*.+....mZ...c...,.^.....:..(3idp$...t...?....|....ADUi..^M@ ....\...;..n.%...h.~N4f.m..4.....a.. ....b..).SK...I........'(.h......}=..~B.....&...~...$@.T1.U...|.8.6HP.\@Tz..Z...U...>..

                                  Chrome Cache Entry: 135

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:GIF image data, version 89a, 352 x 3
                                  Category:dropped
                                  Size (bytes):2672
                                  Entropy (8bit):6.640973516071413
                                  Encrypted:false
                                  SSDEEP:48:ZaOdwduTYPpS9pZy9vDNi1miicsvrJkafMiS+MGQ09DU/X9/4Xp6m5Z9SQcq:4CIuTYPpSTc9vcPZX9/2gzQ/
                                  MD5:166DE53471265253AB3A456DEFE6DA23
                                  SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                  SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                  SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                  Malicious:false
                                  Reputation:low
                                  Preview:GIF89a`............!..NETSCAPE2.0.....!.......,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....0.............<....[.\K8j.tr.g..!.......,....3............^;.*..\UK.]\.%.V.c...!.......,....7........`....lo...[.a..*Rw~i...!.......,....;........h.....l.G-.[K.,_XA]..'g..!.......,....?........i.....g....Z.}..)..u...F..!.......,....C...............P.,nt^.i....Xq...i..!.......,....F...........{^b....n.y..i...\C.-...!.......,....H..............R...o....h.xV!.z#...!.......,"...L.............r.jY..w~aP(.......[i...!.......,(...N.............r....w.aP.j.'.)Y..S..!.......,....H.........`......hew..9`.%z.xVeS..!.......,5...A.........`...\m.Vmtzw.}.d.%...Q..!.......,9...=.........h......3S..s.-W8m...Q..!.......,A...5.........h.....N...:..!..U..!.......,H.............h....M.x...f.i.4..!.......,O...'.........i...tp......(..!.......,X.............j...@.x....!.......,].............j..L..3em..!.......,e.............`......!.......,n..............{i..!..

                                  Chrome Cache Entry: 136

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:JSON data
                                  Category:dropped
                                  Size (bytes):72
                                  Entropy (8bit):4.241202481433726
                                  Encrypted:false
                                  SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                  MD5:9E576E34B18E986347909C29AE6A82C6
                                  SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                  SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                  SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                  Malicious:false
                                  Reputation:low
                                  Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                  Chrome Cache Entry: 137

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113769
                                  Category:downloaded
                                  Size (bytes):35167
                                  Entropy (8bit):7.9940882099284245
                                  Encrypted:true
                                  SSDEEP:768:7hZ+Bu8B8u9cTsNFEe8KT5ZRsn/lxN9VICF+wXEg5dPZ1l:x8+u6Tk8Q5MnND/+wUgnPXl
                                  MD5:157CD264060EC0AA768C58FA5E3BCD45
                                  SHA1:C11F015567C602806D9B2FAA5FB5C36ED15D2BF2
                                  SHA-256:5AA014AA67DDC6E040E1F60BBE3B7E810809759B561E391A9B8F84A93827E07B
                                  SHA-512:556C196743A9CF18D0F5EE8557ACBD4867DA253BBBFEFB9539E6C6CCF983351A9FDC3CE5209018771B72A2616AFB643DA914298FA5EC57EE1D5D871C27A68C21
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
                                  Preview:...........kC.H.0......e....0.pX..Iv3..\f..0YY.m..e$.K..o...j..g.3.lpW.......[..Y.?k.Y.......8~.a..../_.;]{.............v...0..q.Dk.w...h-....Z<..l.fA..k3.7..dm....b..-...(,.$...4...f...e...AV..z.mA....O.9........k..h-.......<Z[.GQ.v3....Oq..y:..(..k.$_...._..h-...q..S.ck.=.T......Sq@.:.A.c.(....SDq..Ac.t..m.$Lc....Z...K...O<....f9..p...0Z..3.<...$YK.x.F......v....nm..s$...&..dQ4.......n-.-.......E.XD..-5~...f.....t...-_.....fsg...8kZ..|.{{....p+Lg.t9I..P./ap......o9Wx.._{....k..,...............................7.|..t...Ax.7..b..v..v.m-...~v...:....r..._........,...A........:..x.>.y..u....N...\s...).......<?._.........%.jC..~..=.....O._j.h.,...O@..9.RN@.0.t>..K.....`......!^.......".~.........g.$:.O...b>..m.M.........y_p.. .....V..No...$T.;.b....[ ..z.....t...N.g5...._c.....I....l_.l_.."..._oz..^lM....hc..^l..-.0M..'[.....,...A....7X....O^...y..&.i.f.....lE nGQ=...........y$?.cB.+h..2...n).9.....kb.Cdg....^'...."..Q:^.z.j~.......

                                  Chrome Cache Entry: 138

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:GIF image data, version 89a, 352 x 3
                                  Category:downloaded
                                  Size (bytes):2672
                                  Entropy (8bit):6.640973516071413
                                  Encrypted:false
                                  SSDEEP:48:ZaOdwduTYPpS9pZy9vDNi1miicsvrJkafMiS+MGQ09DU/X9/4Xp6m5Z9SQcq:4CIuTYPpSTc9vcPZX9/2gzQ/
                                  MD5:166DE53471265253AB3A456DEFE6DA23
                                  SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                  SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                  SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
                                  Preview:GIF89a`............!..NETSCAPE2.0.....!.......,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....0.............<....[.\K8j.tr.g..!.......,....3............^;.*..\UK.]\.%.V.c...!.......,....7........`....lo...[.a..*Rw~i...!.......,....;........h.....l.G-.[K.,_XA]..'g..!.......,....?........i.....g....Z.}..)..u...F..!.......,....C...............P.,nt^.i....Xq...i..!.......,....F...........{^b....n.y..i...\C.-...!.......,....H..............R...o....h.xV!.z#...!.......,"...L.............r.jY..w~aP(.......[i...!.......,(...N.............r....w.aP.j.'.)Y..S..!.......,....H.........`......hew..9`.%z.xVeS..!.......,5...A.........`...\m.Vmtzw.}.d.%...Q..!.......,9...=.........h......3S..s.-W8m...Q..!.......,A...5.........h.....N...:..!..U..!.......,H.............h....M.x...f.i.4..!.......,O...'.........i...tp......(..!.......,X.............j...@.x....!.......,].............j..L..3em..!.......,e.............`......!.......,n..............{i..!..

                                  Chrome Cache Entry: 139

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 184x60, components 3
                                  Category:downloaded
                                  Size (bytes):6877
                                  Entropy (8bit):7.780344901379895
                                  Encrypted:false
                                  SSDEEP:96:u9WEzSkOpqBQ8FlzY0LyKTMiXjf+zK4PQNx288Y1TIt9W+Cd/Jc0WDyMfXBwAAue:Hhk28DUQy+PXjfcUTcbi69DVfxwC4pRb
                                  MD5:34D1BE34BA8576F87FC24E4D60E81AD8
                                  SHA1:E09217159639F74F4C02F39E2F5A67881EC3AE9F
                                  SHA-256:50A8693713F26AA04CAD94220D1126C7350038FB9C904B4D4485A97E2565D536
                                  SHA-512:1F6F38EE8579413EE2463927C8E913AAD3CD0A73723CB7281FA2EA3E9E2118AD97A5813BD8725E803479327868AE10E97F37C664DA44CBC73D463A44D09AF370
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauthimages.net/c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/bannerlogo?ts=638243219943629081
                                  Preview:......JFIF.....`.`....."Exif..MM.*.........................C....................................................................C.......................................................................<...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?......\}).v...........7..M..N...7.'.O....wx....j...xo$2*..IS.Ua[a..V4..X.$.....J?......m..Z..>"....Z.I.#.;..B|.d<s!.W.G.?...........+._./..-'~.../.D~."yj.H.~e~._.o...(/.%k.....x..>*......Ve.......9...|.6IfE\.*.......c...\|].....k."....XA'.Tb.,..$.$...}...-.X..7..q.R......_.x...V........t.C..S...NG.2,..\m...Z.^...t...`...

                                  Chrome Cache Entry: 140

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:GIF image data, version 89a, 352 x 3
                                  Category:downloaded
                                  Size (bytes):3620
                                  Entropy (8bit):6.867828878374734
                                  Encrypted:false
                                  SSDEEP:48:ZumKaT5ezv47j2/ZiRDlq16x8XvEUcg777shHdpHVGJqFd:Eal647jPDlL8XvEUcg77kVGyd
                                  MD5:B540A8E518037192E32C4FE58BF2DBAB
                                  SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                  SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                  SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
                                  Preview:GIF89a`.........iii!.......!.&Edited with ezgif.com online GIF maker.!..NETSCAPE2.0.....,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....`.....9..i....Q4......H..j.=.k9-5_..........j7..({.........!.......,....`.....9.......trV.......H....`.[.q6......>.. .CZ.&!.....M...!.......,....`.....8..........:......H..jJ..U..6_....../.el...q.)...*..!.......,....`.....9.....i..l.go.....H..*".U...f......._......5......n..!.......,....`.....:..i......./.....H...5%.kE/5.........In.a..@&3.....J...!.......,....`.....9.......kr.j.....H..*.-.{Im5c..............@&.........!.......,....`.....9.........j..q....H...].&..\.5.........8..S..........!.......,....`.....9.......3q.g..5....H...:u..............Al..x.q.........!.......,....`.....9......\.F....z....H...zX...ov.........h3N.x4......j..!.......,....`.....9........Q.:......H....y..^...1.........n.!.F......E...!.......,....`.....8.........i,......H....*_.21.I.........%...

                                  Chrome Cache Entry: 141

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
                                  Category:dropped
                                  Size (bytes):17174
                                  Entropy (8bit):2.9129715116732746
                                  Encrypted:false
                                  SSDEEP:24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO
                                  MD5:12E3DAC858061D088023B2BD48E2FA96
                                  SHA1:E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
                                  SHA-256:90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
                                  SHA-512:C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
                                  Malicious:false
                                  Reputation:low
                                  Preview:..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""

                                  Chrome Cache Entry: 142

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 55504
                                  Category:downloaded
                                  Size (bytes):15943
                                  Entropy (8bit):7.985634884217725
                                  Encrypted:false
                                  SSDEEP:192:NZKTeS2lyUQQPPP4JltjEp/9zueWKO1URgI8VTR1GxtbAAPSv1xfTszfqfX7t7pC:HseN8UpnQFwol5VGtb6f7CZWQFsWn
                                  MD5:AF85512023A4232F6A0E46398EADA56E
                                  SHA1:4C2E809C975BDEF26FE4EC68A35F76EC9197A5E7
                                  SHA-256:19441071B99BD0E2B917E0A1ED63061693761DCD0B5A5C98BEED99B8B16474EE
                                  SHA-512:176E7DC99F6EBAA36492FA2410BD3C5DECE2071C7A93D0F98C1FEF5FCAE9EE880B15859AA31018FBF76493A389B24AA76C799519ABBE3180512F42F30354770E
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_ixsmqakdnvme1h2u2lb1cq2.js
                                  Preview:...........}Ms#G.....u...z |..#h........C)$....`/.n...p..8...;.j.|..G_|.O.........n..How...!..+++++3+3.w7k..{..R.=.......~....E.......O. ......7.U.Q..?~v.Y.w..;....*._...N...e.zpb'.....7k....|.a...((-...J........,.}~.c2.'p<..eu.................9n#,.......7.\?...^6...^.3..^.h.....R(.^..p...xY...c..D..l2..'#o.W..7iB...XL..S.(.B......i.D.M\p..`..Eg{.....7M..{...zh...'N]..L...s..2.A..u..."*p.. Xx....w..'l..w..'c/^.FP....q.h4.R+X^{...d..M.C.J,..RP.7E.T......8 .v....Iw.X..?.r......nk./..?Wj..A.|./........JAs.j......?.!..t.z.-..m.]..3y...S@...'.).).Aa..1.kQ.....l+.....-q..n.p../..l.H>G.^<.}..ID.][D..[!...........{O....9.C...8V>..=N..(.4.KXt../.1U...\F.*0..=.......p.-..kQ@P..(...-..ea&>.y.......:..Y.t[x..Xw:.QTp....ZE.u..\?`q......EhJ.A.L.......P..=.xk....(.wrL.."d.q`...$../.\...M.<_|.<.~|[....l....o...;p.(z.&.,~.....X....1?e1.1..v.L.........,.......?{...\fB....-.).Fb.;.p.N...n(..^....B.#D...g|.E..8R\.0....7 ...C....QQ.fPB3."F..dN....%.s..%....'

                                  Chrome Cache Entry: 143

                                  Download File
                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 141492
                                  Category:downloaded
                                  Size (bytes):49696
                                  Entropy (8bit):7.995313044786981
                                  Encrypted:true
                                  SSDEEP:768:z3DVBhZjMlfZAC5OzOo51h9TG/vwkVC+VWAK0zuPKKdYkevC3MPGp7Lu:/vj0fmDio7SpVC+VGVPKEIviME7Lu
                                  MD5:3D5FBC4186EF45B04DE8BF8BA6861967
                                  SHA1:EFB2759A486E84730182091A9710DCE3EDCD8F6F
                                  SHA-256:099E7356BAE6752C1A7052BC9DE4AD113187EDA6A1385794E12955F7AE636D25
                                  SHA-512:949516390D8CEA5A1057647B2487634CFCFBD2510D9571965DC714954723EA9FA1FA79C240671888613964D8D43C921DCA8BAE3802E15C98F127B82092E51126
                                  Malicious:false
                                  Reputation:low
                                  URL:https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js
                                  Preview:............[.8.8...+.w..OL..hp._..nf.0$.......t....e .o?u.l.q.../g..J.T.*U.J..k.S......T.......T.~9:?.........h.........;?.L.......W..J.U.`.F.0r..W..o...$..+....O1N....(4...R..".r.F.s...C..j.o..J...3<.%. L.....G.M.%.Ee.x".<....?..8.$.H.........Uq#Q.ER..Qr..W..)k..3.........N....:.....:.e.`.\...V........p.[....n+.......Yu..o>N.n."z.&N......!+.W......s.6r.D.....{..q/.....*:z...3h....8.g31.....X...T*..a...W..Fsg....h..u.$.........>..7.p~;uch..+t...i.?..3...+.r6.A.*.....[g:..r.?S..............;.=6.&.`.....E=W.j.oaT}p..Vd.Np..\.i^[.....u'~..".M.:q.fF..._[..rM.F?....q.1.....S}.c_...\_./....y}6...._1-|p..l@..[q......*..k.?&.0^_.Cw:s.Rs^...IR5..Bv.yYX.....N.....O..epmF".GA...@...q..;...v`M.%3..#..,DMLTY+..g.........d+.>...{}.&N/..g-#FV.V.p.......Xs.(..{..]..-...!..F...XQge.X.MP.&.3....Re...b*23v..M.a...'......c.i...9...l..Z.`.F.._%>U.'.."..;.M......D$.}..~|....*u...ma.f:\......p..jy.<.r...cjG.N...{{}M_oEr8%...|.......d..nZ.S..H.Lx...x1t.

                                  Static File Info

                                  No static file info

                                  Network Behavior

                                  Network Port Distribution

                                  TCP Packets

                                  TimestampSource PortDest PortSource IPDest IP
                                  Jul 3, 2024 18:09:29.757738113 CEST49675443192.168.2.4173.222.162.32
                                  Jul 3, 2024 18:09:38.686549902 CEST49735443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:38.686594009 CEST4434973513.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:38.686670065 CEST49735443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:38.686933041 CEST49735443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:38.686945915 CEST4434973513.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:38.687521935 CEST49736443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:38.687529087 CEST4434973613.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:38.687586069 CEST49736443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:38.687800884 CEST49736443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:38.687812090 CEST4434973613.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.258023977 CEST4434973613.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.258044004 CEST4434973513.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.258404970 CEST49735443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.258440018 CEST4434973513.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.258563995 CEST49736443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.258574963 CEST4434973613.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.259530067 CEST4434973513.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.259601116 CEST49735443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.259618044 CEST4434973613.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.259674072 CEST49736443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.260919094 CEST49735443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.261010885 CEST4434973513.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.261174917 CEST49735443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.261189938 CEST4434973513.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.261308908 CEST49736443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.261379957 CEST4434973613.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.305104971 CEST49736443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.305105925 CEST49735443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.305141926 CEST4434973613.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.352615118 CEST49736443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.368278980 CEST49675443192.168.2.4173.222.162.32
                                  Jul 3, 2024 18:09:39.378606081 CEST49739443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:09:39.378673077 CEST44349739142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:09:39.378766060 CEST49739443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:09:39.378978014 CEST49739443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:09:39.378999949 CEST44349739142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:09:39.456275940 CEST4434973513.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.456368923 CEST4434973513.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.456425905 CEST49735443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.457016945 CEST49735443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.457041025 CEST4434973513.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.471628904 CEST49736443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.516504049 CEST4434973613.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.691991091 CEST4434973613.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.692019939 CEST4434973613.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.692059994 CEST49736443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.692091942 CEST4434973613.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.692122936 CEST4434973613.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.692168951 CEST49736443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.707987070 CEST49736443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.708014011 CEST4434973613.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.719249010 CEST49740443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.719281912 CEST4434974013.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:39.719360113 CEST49740443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.720067978 CEST49740443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:39.720081091 CEST4434974013.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:40.055852890 CEST44349739142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:09:40.057607889 CEST49739443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:09:40.057629108 CEST44349739142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:09:40.058646917 CEST44349739142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:09:40.058706999 CEST49739443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:09:40.060621023 CEST49739443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:09:40.060677052 CEST44349739142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:09:40.101850033 CEST49739443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:09:40.101859093 CEST44349739142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:09:40.148041010 CEST49739443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:09:40.294544935 CEST4434974013.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:40.294862032 CEST49740443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:40.294872999 CEST4434974013.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:40.295238972 CEST4434974013.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:40.296704054 CEST49740443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:40.296777964 CEST4434974013.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:40.297276020 CEST49740443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:40.340504885 CEST4434974013.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:40.657630920 CEST4434974013.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:40.657658100 CEST4434974013.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:40.657738924 CEST49740443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:40.657748938 CEST4434974013.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:40.657783031 CEST49740443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:40.660082102 CEST49740443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:40.660101891 CEST4434974013.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:40.666448116 CEST49741443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:40.666497946 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:40.666565895 CEST49741443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:40.667356968 CEST49741443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:40.667378902 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:40.784539938 CEST4936453192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:40.789423943 CEST53493641.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:40.789489985 CEST4936453192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:40.854826927 CEST4936453192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:40.859724998 CEST53493641.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:41.134383917 CEST49365443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:41.134430885 CEST44349365184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:41.134519100 CEST49365443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:41.151000977 CEST49365443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:41.151020050 CEST44349365184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:41.219667912 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:41.219991922 CEST49741443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:41.220035076 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:41.220413923 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:41.220753908 CEST49741443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:41.220850945 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:41.220912933 CEST49741443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:41.253282070 CEST53493641.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:41.253973961 CEST4936453192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:41.259907007 CEST53493641.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:41.259962082 CEST4936453192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:41.268507957 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:41.485750914 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:41.485781908 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:41.485802889 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:41.485871077 CEST49741443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:41.485903025 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:41.486051083 CEST49741443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:41.487898111 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:41.487974882 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:41.488032103 CEST49741443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:41.513161898 CEST49741443192.168.2.413.107.136.10
                                  Jul 3, 2024 18:09:41.513199091 CEST4434974113.107.136.10192.168.2.4
                                  Jul 3, 2024 18:09:41.813163996 CEST44349365184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:41.813225985 CEST49365443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:41.865735054 CEST49365443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:41.865767956 CEST44349365184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:41.866148949 CEST44349365184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:41.912327051 CEST49365443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:42.250931025 CEST49365443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:42.292506933 CEST44349365184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:42.445398092 CEST44349365184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:42.445512056 CEST44349365184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:42.445559025 CEST49365443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:42.455490112 CEST49365443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:42.455519915 CEST44349365184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:42.455530882 CEST49365443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:42.455537081 CEST44349365184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:42.702014923 CEST49368443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:42.702099085 CEST44349368184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:42.702181101 CEST49368443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:42.702491999 CEST49368443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:42.702510118 CEST44349368184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:43.179706097 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:43.179739952 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.180046082 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:43.180331945 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:43.180341959 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.336926937 CEST44349368184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:43.336994886 CEST49368443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:43.359217882 CEST49368443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:43.359242916 CEST44349368184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:43.359622002 CEST44349368184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:43.401550055 CEST49368443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:43.418291092 CEST49368443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:43.464504004 CEST44349368184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:43.612751961 CEST44349368184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:43.612837076 CEST44349368184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:43.613009930 CEST49368443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:43.633660078 CEST49368443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:43.633693933 CEST44349368184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:43.633765936 CEST49368443192.168.2.4184.28.90.27
                                  Jul 3, 2024 18:09:43.633774996 CEST44349368184.28.90.27192.168.2.4
                                  Jul 3, 2024 18:09:43.832684040 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.866245985 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:43.866283894 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.867594957 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.867693901 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:43.871558905 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:43.871661901 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.872033119 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:43.872054100 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.913820982 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:43.975774050 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.975800991 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.975810051 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.975835085 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.975847006 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.975853920 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.975862980 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:43.975903034 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:43.975922108 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:43.975949049 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:44.059487104 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:44.059514046 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:44.059585094 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:44.059612989 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:44.059628010 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:44.059725046 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:44.061440945 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:44.061460018 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:44.061489105 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:44.061501980 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:44.061510086 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:44.061554909 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:44.061563969 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:44.061614037 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:44.066629887 CEST49369443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:44.066651106 CEST4434936913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:45.589339972 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:45.589375019 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:45.589431047 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:45.589754105 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:45.589771032 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:45.599087000 CEST49374443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:45.599102974 CEST4434937413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:45.599241972 CEST49374443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:45.607657909 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:45.607703924 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:45.607906103 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:45.608153105 CEST49374443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:45.608174086 CEST4434937413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:45.609004974 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:45.609036922 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.256477118 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.259886026 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.259900093 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.261086941 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.261164904 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.262398958 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.262474060 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.263159037 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.263165951 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.263859034 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.264311075 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.264337063 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.264710903 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.265372992 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.265438080 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.265640020 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.270066977 CEST4434937413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.270277977 CEST49374443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.270291090 CEST4434937413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.270627022 CEST4434937413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.271004915 CEST49374443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.271069050 CEST4434937413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.271256924 CEST49374443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.305366039 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.312514067 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.312530041 CEST4434937413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.379846096 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.379873037 CEST4434937413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.379878044 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.379885912 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.379898071 CEST4434937413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.379900932 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.379913092 CEST4434937413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.379946947 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.379947901 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.379973888 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.380002022 CEST49374443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.380017996 CEST4434937413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.380026102 CEST4434937413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.380043983 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.380043983 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.380074024 CEST49374443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.387000084 CEST49374443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.387022018 CEST4434937413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.463205099 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.463294983 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.463305950 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.463362932 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.464050055 CEST49375443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.464072943 CEST4434937513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.690063000 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.690089941 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.690129042 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.690170050 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.690184116 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.690238953 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.781953096 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.781979084 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.782073021 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.782094955 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.782130003 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.782150030 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.784348011 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.784368992 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.784404993 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.784410000 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.784457922 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.875220060 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.875248909 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.875314951 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.875329971 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.875399113 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.876589060 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.876607895 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.876646996 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.876656055 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.876691103 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.876753092 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.876766920 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.876815081 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.876816034 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.876827955 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.876854897 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.876868963 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.876874924 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.876903057 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.876913071 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.967119932 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.967216969 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.967246056 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.967384100 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.967865944 CEST49373443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.967880964 CEST4434937313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.984174967 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.984236002 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:46.985373974 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.986454010 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:46.986470938 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.619091988 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.630171061 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.630194902 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.631372929 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.633080959 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.643896103 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.644002914 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.644366980 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.644385099 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.695568085 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.799509048 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.799525976 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.799535990 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.799573898 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.799582958 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.799593925 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.799619913 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.799652100 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.799680948 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.799822092 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.886090040 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.886116028 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.886229992 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.886250973 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.886354923 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.887558937 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.887583017 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.887680054 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.887680054 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.887686014 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.888012886 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.972558022 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.972611904 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.972662926 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:47.972666979 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.972722054 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.973813057 CEST49378443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:47.973831892 CEST4434937813.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.029172897 CEST49379443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.029232979 CEST4434937913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.029294968 CEST49379443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.029496908 CEST49379443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.029510975 CEST4434937913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.065632105 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.065692902 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.065758944 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.066138029 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.066152096 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.708636999 CEST4434937913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.708992958 CEST49379443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.709019899 CEST4434937913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.709362984 CEST4434937913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.711165905 CEST49379443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.711225986 CEST4434937913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.711648941 CEST49379443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.739167929 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.739522934 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.739543915 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.739881992 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.740294933 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.740358114 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.740489960 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.756503105 CEST4434937913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.784503937 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.825253963 CEST4434937913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.825278044 CEST4434937913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.825292110 CEST4434937913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.825337887 CEST49379443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.825371981 CEST4434937913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.825388908 CEST49379443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.825391054 CEST4434937913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.825416088 CEST49379443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.825437069 CEST49379443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.826673031 CEST49379443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.826688051 CEST4434937913.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.844568014 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.844594002 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.844645023 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.844894886 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.844903946 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.894615889 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.894634008 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.894671917 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.894733906 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.894758940 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.894788980 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.894813061 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.987464905 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.987487078 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.987715006 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.987744093 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.988435984 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.988455057 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.988550901 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.988550901 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:48.988563061 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:48.988928080 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.078316927 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.078341007 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.078561068 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.078593016 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.078775883 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.079370975 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.079385996 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.079528093 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.079540968 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.079668999 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.080342054 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.080358028 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.080506086 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.080519915 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.082515955 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.120534897 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.120564938 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.120613098 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.120649099 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.120682955 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.120696068 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.120699883 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.120930910 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.122164011 CEST49380443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.122180939 CEST4434938013.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.148235083 CEST49382443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.148297071 CEST4434938213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.150288105 CEST49382443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.150542974 CEST49383443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.150597095 CEST4434938313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.150830984 CEST49383443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.150968075 CEST49382443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.150985003 CEST4434938213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.151315928 CEST49384443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.151325941 CEST4434938413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.151460886 CEST49384443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.151729107 CEST49383443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.151746988 CEST4434938313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.151946068 CEST49384443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.151958942 CEST4434938413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.853669882 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.898205042 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.913999081 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.914015055 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.915293932 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.915501118 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.916491032 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.916573048 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.916928053 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:49.916939020 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:49.955111027 CEST44349739142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:09:49.955176115 CEST44349739142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:09:49.955573082 CEST49739443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:09:49.959868908 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.022829056 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.022855997 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.022866011 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.022881031 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.022887945 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.022896051 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.022905111 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.022926092 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.022953033 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.022960901 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.022986889 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.022991896 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.023005009 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.023045063 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.031862020 CEST49381443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.031877995 CEST4434938113.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.038798094 CEST4434938413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.040061951 CEST49384443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.040093899 CEST4434938413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.041229963 CEST4434938413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.041289091 CEST49384443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.041511059 CEST4434938313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.041829109 CEST49383443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.041846037 CEST4434938313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.042208910 CEST4434938313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.042540073 CEST49384443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.042612076 CEST4434938413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.042658091 CEST4434938213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.043003082 CEST49384443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.043011904 CEST4434938413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.043165922 CEST49382443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.043179989 CEST4434938213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.043514967 CEST4434938213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.044162989 CEST49383443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.044233084 CEST4434938313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.044310093 CEST49383443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.044856071 CEST49382443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.044915915 CEST4434938213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.045152903 CEST49382443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.052683115 CEST49739443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:09:50.052710056 CEST44349739142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:09:50.084501028 CEST4434938313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.088699102 CEST49384443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.092500925 CEST4434938213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.144120932 CEST4434938213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.144145012 CEST4434938213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.144207001 CEST4434938213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.144207001 CEST49382443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.144251108 CEST49382443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.144722939 CEST4434938313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.144742966 CEST4434938313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.144788980 CEST49383443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.144794941 CEST4434938313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.144851923 CEST49383443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.169857979 CEST49383443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.169886112 CEST4434938313.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.175405025 CEST49382443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.175432920 CEST4434938213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.221908092 CEST49385443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.221955061 CEST4434938513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.222016096 CEST49385443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.222992897 CEST49385443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.223011971 CEST4434938513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.231230974 CEST49386443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.231241941 CEST4434938613.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.231298923 CEST49386443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.231956005 CEST49386443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.231969118 CEST4434938613.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.433793068 CEST4434938413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.433824062 CEST4434938413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.433875084 CEST49384443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.433902025 CEST4434938413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.433914900 CEST4434938413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.433969021 CEST49384443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.434863091 CEST49384443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.434880972 CEST4434938413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.870987892 CEST4434938513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.881206036 CEST4434938613.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.922707081 CEST49385443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.922765970 CEST49386443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.948260069 CEST49385443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.948276043 CEST4434938513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.948879957 CEST4434938513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.949174881 CEST49386443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.949186087 CEST4434938613.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.949781895 CEST4434938613.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.949897051 CEST49385443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.949979067 CEST4434938513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.950839043 CEST49386443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.950944901 CEST4434938613.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.951251030 CEST49385443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.951384068 CEST49386443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:50.996499062 CEST4434938613.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:50.996517897 CEST4434938513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:51.048922062 CEST4434938513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:51.048943996 CEST4434938513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:51.049074888 CEST49385443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:51.049112082 CEST4434938513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:51.049154043 CEST4434938513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:51.049216032 CEST49385443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:51.053869963 CEST4434938613.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:51.053894043 CEST4434938613.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:51.053975105 CEST49386443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:51.053997993 CEST4434938613.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:51.054014921 CEST4434938613.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:51.054069996 CEST49386443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:51.054069996 CEST49386443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:51.104047060 CEST49385443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:51.104085922 CEST4434938513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:51.105428934 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:51.105473042 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:51.105634928 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:51.105957031 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:51.105993032 CEST44349388152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:51.106169939 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:51.106638908 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:51.106653929 CEST44349388152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:51.107134104 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:51.107152939 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:51.107585907 CEST49386443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:51.107614040 CEST4434938613.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:51.918282986 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:51.922343969 CEST44349388152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:51.969441891 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:51.969446898 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.011775017 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.011790991 CEST44349388152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.012023926 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.012051105 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.013114929 CEST44349388152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.013206005 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.013257027 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.013274908 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.013318062 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.021640062 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.021827936 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.021917105 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.064510107 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.071187019 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.071203947 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.116938114 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.128501892 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.128649950 CEST44349388152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.128778934 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.128799915 CEST44349388152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.183809996 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.201849937 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.203375101 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.203383923 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.203423023 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.203438997 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.203443050 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.203442097 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.203470945 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.203495979 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.203507900 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.203531981 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.289397955 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.289408922 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.289444923 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.289474010 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.289488077 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.289511919 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.289525986 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.289555073 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.291105986 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.291131020 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.291169882 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.291188955 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.291207075 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.291237116 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.309912920 CEST44349388152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.310080051 CEST44349388152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.310090065 CEST44349388152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.310151100 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.310151100 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.310165882 CEST44349388152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.310179949 CEST44349388152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.310221910 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.310236931 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.374401093 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.374434948 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.374492884 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.374520063 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.374531984 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.374561071 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.374583006 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.375185966 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.375210047 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.375260115 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.375267029 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.375313044 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.375330925 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.375978947 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.375998974 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.376055002 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.376063108 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.376102924 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.376761913 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.376785040 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.376840115 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.376844883 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.376877069 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.376894951 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.402736902 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.406328917 CEST49388443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.406352043 CEST44349388152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.460808992 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.460829973 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.460903883 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.460935116 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.460977077 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.461395979 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.461421013 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.461463928 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.461477041 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.461496115 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.461518049 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.462146997 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.462162018 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.462219954 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.462230921 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.462261915 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.462578058 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.462599039 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.462649107 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.462656021 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.462690115 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.463197947 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.463216066 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.463268995 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.463274956 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.463310003 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.463896990 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.463913918 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.463943958 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.463949919 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.463967085 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.463984966 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.464370012 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.464387894 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.464432955 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.464441061 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.464493036 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.547255993 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.547290087 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.547350883 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.547377110 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.547405958 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.547424078 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.547744036 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.547770023 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.547813892 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.547821045 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.547842979 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.547866106 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.548345089 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.548365116 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.548397064 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.548397064 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.548412085 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.548425913 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.548449039 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.548460007 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.548500061 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.548527956 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.548567057 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.549101114 CEST49387443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:52.549113035 CEST44349387152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:52.582075119 CEST49672443192.168.2.4173.222.162.32
                                  Jul 3, 2024 18:09:52.582118034 CEST44349672173.222.162.32192.168.2.4
                                  Jul 3, 2024 18:09:53.500873089 CEST49394443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:53.500911951 CEST4434939413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:53.501070976 CEST49394443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:53.501548052 CEST49394443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:53.501558065 CEST4434939413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:53.505614042 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:53.505646944 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:53.505705118 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:53.506032944 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:53.506047010 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:53.561794996 CEST49397443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:53.561844110 CEST44349397152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:53.561901093 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:53.561901093 CEST49397443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:53.561912060 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:53.562022924 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:53.562314034 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:53.562328100 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:53.562509060 CEST49397443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:53.562520027 CEST44349397152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:54.175698996 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.178392887 CEST4434939413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.193722010 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.193732977 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.194128990 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.194324970 CEST49394443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.194353104 CEST4434939413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.194811106 CEST4434939413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.196091890 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.196187019 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.197019100 CEST49394443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.197114944 CEST4434939413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.202032089 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.202649117 CEST49394443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.248501062 CEST4434939413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.248506069 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.305017948 CEST4434939413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.305099964 CEST4434939413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.305378914 CEST49394443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.332628012 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.332648993 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.332664013 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.332701921 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.332721949 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.332786083 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.369699955 CEST44349397152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:54.393917084 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:54.412550926 CEST49397443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:54.422303915 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.422329903 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.422398090 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.422413111 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.422472000 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.422472000 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.422570944 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.422641039 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:54.422663927 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.422740936 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:54.604504108 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:54.608293056 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.205589056 CEST8049723217.20.57.18192.168.2.4
                                  Jul 3, 2024 18:09:55.205921888 CEST4972380192.168.2.4217.20.57.18
                                  Jul 3, 2024 18:09:55.281574011 CEST49397443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.281605005 CEST44349397152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.281698942 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.281711102 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.282788038 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.282892942 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.283201933 CEST44349397152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.283307076 CEST49397443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.285017014 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.285099983 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.285821915 CEST49397443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.285934925 CEST44349397152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.286016941 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.286016941 CEST49397443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.286027908 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.286040068 CEST44349397152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.291071892 CEST4972380192.168.2.4217.20.57.18
                                  Jul 3, 2024 18:09:55.296888113 CEST8049723217.20.57.18192.168.2.4
                                  Jul 3, 2024 18:09:55.336031914 CEST49394443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:55.336060047 CEST4434939413.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:55.356559992 CEST49395443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:55.356587887 CEST4434939513.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:55.418127060 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.418127060 CEST49397443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.465922117 CEST44349397152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.466866970 CEST44349397152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.466876030 CEST44349397152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.466958046 CEST49397443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.466983080 CEST44349397152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.466996908 CEST44349397152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.467032909 CEST49397443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.467058897 CEST49397443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.488627911 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.490025997 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.490034103 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.490067959 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.490083933 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.490092993 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.490098953 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.490109921 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.490135908 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.490300894 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.490300894 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.495460987 CEST49397443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.495481014 CEST44349397152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.566593885 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.566606045 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.566627026 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.566633940 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.566682100 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.566700935 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.566721916 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.568983078 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.568990946 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.568999052 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.569020987 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.569264889 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.569264889 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.569274902 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.656527042 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.656573057 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.656586885 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.656599045 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.656608105 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.656622887 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.656677961 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.658719063 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.658726931 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.658751965 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.658761024 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.658768892 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.658782005 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.658792973 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.658799887 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.658885002 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.658885002 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.660972118 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.661000013 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.661010981 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.661022902 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.661077976 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.661077976 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.661089897 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.661753893 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.661767960 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.661787987 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.661830902 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.661838055 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.662038088 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.716909885 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.748745918 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.748759031 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.748789072 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.748800993 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.748852015 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.748868942 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.749237061 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.749237061 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.749419928 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.749428988 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.749449968 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.749476910 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.749483109 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.749528885 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.749528885 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.750036955 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.750051975 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.750843048 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.750849962 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.751662016 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.753374100 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.753390074 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.753436089 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.753442049 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.753489971 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.753489971 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.753845930 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.753865957 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.753917933 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.753922939 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.754064083 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.754401922 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.754416943 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.754477024 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.754482031 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.754518986 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.754518986 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.754997015 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.755012989 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.755095959 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.755101919 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.755151033 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.850831032 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.850860119 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.850934982 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.850961924 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.851027966 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.851336956 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.851353884 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.851588011 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.851593971 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.852052927 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.852056980 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.852061987 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.852077007 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.852116108 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.852159023 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.852159023 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.852159023 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.852164984 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.852181911 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:55.852245092 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.852430105 CEST49398443192.168.2.4152.199.21.175
                                  Jul 3, 2024 18:09:55.852442980 CEST44349398152.199.21.175192.168.2.4
                                  Jul 3, 2024 18:09:56.049968958 CEST49402443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:56.050003052 CEST4434940213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:56.050132990 CEST49402443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:56.055500031 CEST49402443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:56.055512905 CEST4434940213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:56.720905066 CEST4434940213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:56.721189022 CEST49402443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:56.721203089 CEST4434940213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:56.721559048 CEST4434940213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:56.722204924 CEST49402443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:56.722297907 CEST4434940213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:56.722507000 CEST49402443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:56.768498898 CEST4434940213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:56.828356981 CEST4434940213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:56.828423023 CEST4434940213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:09:56.828577995 CEST49402443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:56.849909067 CEST49402443192.168.2.413.107.246.60
                                  Jul 3, 2024 18:09:56.849930048 CEST4434940213.107.246.60192.168.2.4
                                  Jul 3, 2024 18:10:09.164347887 CEST8049724217.20.57.18192.168.2.4
                                  Jul 3, 2024 18:10:09.164767027 CEST4972480192.168.2.4217.20.57.18
                                  Jul 3, 2024 18:10:09.164767027 CEST4972480192.168.2.4217.20.57.18
                                  Jul 3, 2024 18:10:09.169584036 CEST8049724217.20.57.18192.168.2.4
                                  Jul 3, 2024 18:10:39.430392027 CEST49410443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:10:39.430459976 CEST44349410142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:10:39.430552006 CEST49410443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:10:39.430954933 CEST49410443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:10:39.430969000 CEST44349410142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:10:40.103441000 CEST44349410142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:10:40.104015112 CEST49410443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:10:40.104044914 CEST44349410142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:10:40.104391098 CEST44349410142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:10:40.106724977 CEST49410443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:10:40.106794119 CEST44349410142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:10:40.146639109 CEST49410443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:10:49.990606070 CEST44349410142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:10:49.990665913 CEST44349410142.250.185.68192.168.2.4
                                  Jul 3, 2024 18:10:49.990725040 CEST49410443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:10:50.177357912 CEST49410443192.168.2.4142.250.185.68
                                  Jul 3, 2024 18:10:50.177387953 CEST44349410142.250.185.68192.168.2.4

                                  UDP Packets

                                  TimestampSource PortDest PortSource IPDest IP
                                  Jul 3, 2024 18:09:36.571841002 CEST53624141.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:36.681421041 CEST53565721.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:37.696088076 CEST53592581.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:38.548715115 CEST4958753192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:38.548911095 CEST4930353192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:39.369508982 CEST6343153192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:39.369718075 CEST6474353192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:39.376836061 CEST53647431.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:39.377578020 CEST53634311.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:40.780509949 CEST53502141.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:41.515642881 CEST6528953192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:41.515969992 CEST5877353192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:45.548666000 CEST6228053192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:45.549541950 CEST6126553192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:45.579127073 CEST6227353192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:45.579335928 CEST5939653192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:45.586091042 CEST53622731.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:45.587207079 CEST53593961.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:51.096422911 CEST5790753192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:51.096712112 CEST6226953192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:51.097935915 CEST5551653192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:51.098442078 CEST5258753192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:51.105927944 CEST53555161.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:51.108670950 CEST53525871.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:53.522382975 CEST53540921.1.1.1192.168.2.4
                                  Jul 3, 2024 18:09:53.539727926 CEST5011353192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:53.540385962 CEST6483853192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:55.492423058 CEST138138192.168.2.4192.168.2.255
                                  Jul 3, 2024 18:09:56.045383930 CEST5062653192.168.2.41.1.1.1
                                  Jul 3, 2024 18:09:56.045838118 CEST5426653192.168.2.41.1.1.1
                                  Jul 3, 2024 18:10:35.938285112 CEST53547901.1.1.1192.168.2.4
                                  Jul 3, 2024 18:10:46.358963966 CEST5225353192.168.2.41.1.1.1
                                  Jul 3, 2024 18:10:46.359127998 CEST5085053192.168.2.41.1.1.1

                                  DNS Queries

                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                  Jul 3, 2024 18:09:38.548715115 CEST192.168.2.41.1.1.10x3b46Standard query (0)gerflorgroup.sharepoint.comA (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:38.548911095 CEST192.168.2.41.1.1.10x952fStandard query (0)gerflorgroup.sharepoint.com65IN (0x0001)false
                                  Jul 3, 2024 18:09:39.369508982 CEST192.168.2.41.1.1.10xdc72Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:39.369718075 CEST192.168.2.41.1.1.10xa25Standard query (0)www.google.com65IN (0x0001)false
                                  Jul 3, 2024 18:09:41.515642881 CEST192.168.2.41.1.1.10x6813Standard query (0)login.microsoftonline.comA (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:41.515969992 CEST192.168.2.41.1.1.10x6ae2Standard query (0)login.microsoftonline.com65IN (0x0001)false
                                  Jul 3, 2024 18:09:45.548666000 CEST192.168.2.41.1.1.10x1eaStandard query (0)identity.nel.measure.office.netA (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:45.549541950 CEST192.168.2.41.1.1.10xe0dStandard query (0)identity.nel.measure.office.net65IN (0x0001)false
                                  Jul 3, 2024 18:09:45.579127073 CEST192.168.2.41.1.1.10xfcf7Standard query (0)aadcdn.msftauth.netA (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:45.579335928 CEST192.168.2.41.1.1.10x1a3eStandard query (0)aadcdn.msftauth.net65IN (0x0001)false
                                  Jul 3, 2024 18:09:51.096422911 CEST192.168.2.41.1.1.10xd8acStandard query (0)aadcdn.msauthimages.netA (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.096712112 CEST192.168.2.41.1.1.10x26d7Standard query (0)aadcdn.msauthimages.net65IN (0x0001)false
                                  Jul 3, 2024 18:09:51.097935915 CEST192.168.2.41.1.1.10xa3abStandard query (0)autologon.microsoftazuread-sso.comA (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.098442078 CEST192.168.2.41.1.1.10x20feStandard query (0)autologon.microsoftazuread-sso.com65IN (0x0001)false
                                  Jul 3, 2024 18:09:53.539727926 CEST192.168.2.41.1.1.10x3dc2Standard query (0)aadcdn.msauthimages.netA (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:53.540385962 CEST192.168.2.41.1.1.10xe3a7Standard query (0)aadcdn.msauthimages.net65IN (0x0001)false
                                  Jul 3, 2024 18:09:56.045383930 CEST192.168.2.41.1.1.10xbb88Standard query (0)login.microsoftonline.comA (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:56.045838118 CEST192.168.2.41.1.1.10xee8bStandard query (0)login.microsoftonline.com65IN (0x0001)false
                                  Jul 3, 2024 18:10:46.358963966 CEST192.168.2.41.1.1.10xe000Standard query (0)identity.nel.measure.office.netA (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:10:46.359127998 CEST192.168.2.41.1.1.10xd02dStandard query (0)identity.nel.measure.office.net65IN (0x0001)false

                                  DNS Answers

                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                  Jul 3, 2024 18:09:38.592139959 CEST1.1.1.1192.168.2.40x952fNo error (0)gerflorgroup.sharepoint.com9511-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:38.592139959 CEST1.1.1.1192.168.2.40x952fNo error (0)9511-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com189047-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:38.592139959 CEST1.1.1.1192.168.2.40x952fNo error (0)189047-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com189047-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:38.680622101 CEST1.1.1.1192.168.2.40x3b46No error (0)gerflorgroup.sharepoint.com9511-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:38.680622101 CEST1.1.1.1192.168.2.40x3b46No error (0)9511-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com189047-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.comCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:38.680622101 CEST1.1.1.1192.168.2.40x3b46No error (0)189047-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com189047-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:38.680622101 CEST1.1.1.1192.168.2.40x3b46No error (0)189047-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.netdual-spo-0005.spo-msedge.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:38.680622101 CEST1.1.1.1192.168.2.40x3b46No error (0)dual-spo-0005.spo-msedge.net13.107.136.10A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:38.680622101 CEST1.1.1.1192.168.2.40x3b46No error (0)dual-spo-0005.spo-msedge.net13.107.138.10A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:39.376836061 CEST1.1.1.1192.168.2.40xa25No error (0)www.google.com65IN (0x0001)false
                                  Jul 3, 2024 18:09:39.377578020 CEST1.1.1.1192.168.2.40xdc72No error (0)www.google.com142.250.185.68A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:41.523665905 CEST1.1.1.1192.168.2.40x6813No error (0)login.microsoftonline.comlogin.mso.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:41.524703979 CEST1.1.1.1192.168.2.40x6ae2No error (0)login.microsoftonline.comlogin.mso.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:43.177344084 CEST1.1.1.1192.168.2.40xa1aNo error (0)shed.dual-low.s-part-0032.t-0009.t-msedge.nets-part-0032.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:43.177344084 CEST1.1.1.1192.168.2.40xa1aNo error (0)s-part-0032.t-0009.t-msedge.net13.107.246.60A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:45.558012962 CEST1.1.1.1192.168.2.40xe0dNo error (0)identity.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:45.558271885 CEST1.1.1.1192.168.2.40x1eaNo error (0)identity.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:45.586091042 CEST1.1.1.1192.168.2.40xfcf7No error (0)aadcdn.msftauth.netscdn38e6f.wpc.9be8f.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:45.586091042 CEST1.1.1.1192.168.2.40xfcf7No error (0)scdn38e6f.wpc.9be8f.omegacdn.netsni1gl.wpc.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:45.586091042 CEST1.1.1.1192.168.2.40xfcf7No error (0)sni1gl.wpc.omegacdn.net152.199.21.175A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:45.587207079 CEST1.1.1.1192.168.2.40x1a3eNo error (0)aadcdn.msftauth.netscdn38e6f.wpc.9be8f.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:45.587207079 CEST1.1.1.1192.168.2.40x1a3eNo error (0)scdn38e6f.wpc.9be8f.omegacdn.netsni1gl.wpc.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:48.841825962 CEST1.1.1.1192.168.2.40xcf58No error (0)shed.dual-low.s-part-0032.t-0009.t-msedge.nets-part-0032.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:48.841825962 CEST1.1.1.1192.168.2.40xcf58No error (0)s-part-0032.t-0009.t-msedge.net13.107.246.60A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.104264021 CEST1.1.1.1192.168.2.40xd8acNo error (0)aadcdn.msauthimages.netaadcdn.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.104264021 CEST1.1.1.1192.168.2.40xd8acNo error (0)scdn3514c.wpc.9e730.upsiloncdn.netsni1gl.wpc.upsiloncdn.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.104264021 CEST1.1.1.1192.168.2.40xd8acNo error (0)sni1gl.wpc.upsiloncdn.net152.199.21.175A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.104286909 CEST1.1.1.1192.168.2.40x26d7No error (0)aadcdn.msauthimages.netaadcdn.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.104286909 CEST1.1.1.1192.168.2.40x26d7No error (0)scdn3514c.wpc.9e730.upsiloncdn.netsni1gl.wpc.upsiloncdn.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.105927944 CEST1.1.1.1192.168.2.40xa3abNo error (0)autologon.microsoftazuread-sso.com40.126.32.140A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.105927944 CEST1.1.1.1192.168.2.40xa3abNo error (0)autologon.microsoftazuread-sso.com40.126.32.72A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.105927944 CEST1.1.1.1192.168.2.40xa3abNo error (0)autologon.microsoftazuread-sso.com40.126.32.138A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.105927944 CEST1.1.1.1192.168.2.40xa3abNo error (0)autologon.microsoftazuread-sso.com40.126.32.136A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.105927944 CEST1.1.1.1192.168.2.40xa3abNo error (0)autologon.microsoftazuread-sso.com40.126.32.133A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.105927944 CEST1.1.1.1192.168.2.40xa3abNo error (0)autologon.microsoftazuread-sso.com40.126.32.134A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.105927944 CEST1.1.1.1192.168.2.40xa3abNo error (0)autologon.microsoftazuread-sso.com40.126.32.74A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:51.105927944 CEST1.1.1.1192.168.2.40xa3abNo error (0)autologon.microsoftazuread-sso.com20.190.160.17A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:53.383137941 CEST1.1.1.1192.168.2.40x4542No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:53.383137941 CEST1.1.1.1192.168.2.40x4542No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:53.549175024 CEST1.1.1.1192.168.2.40xe3a7No error (0)aadcdn.msauthimages.netaadcdn.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:53.549175024 CEST1.1.1.1192.168.2.40xe3a7No error (0)scdn3514c.wpc.9e730.upsiloncdn.netsni1gl.wpc.upsiloncdn.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:53.550827980 CEST1.1.1.1192.168.2.40x3dc2No error (0)aadcdn.msauthimages.netaadcdn.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:53.550827980 CEST1.1.1.1192.168.2.40x3dc2No error (0)scdn3514c.wpc.9e730.upsiloncdn.netsni1gl.wpc.upsiloncdn.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:53.550827980 CEST1.1.1.1192.168.2.40x3dc2No error (0)sni1gl.wpc.upsiloncdn.net152.199.21.175A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:09:56.052607059 CEST1.1.1.1192.168.2.40xbb88No error (0)login.microsoftonline.comlogin.mso.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:56.053338051 CEST1.1.1.1192.168.2.40xee8bNo error (0)login.microsoftonline.comlogin.mso.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:56.687568903 CEST1.1.1.1192.168.2.40xa92fNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:09:56.687568903 CEST1.1.1.1192.168.2.40xa92fNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:10:08.765306950 CEST1.1.1.1192.168.2.40x4a24No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:10:08.765306950 CEST1.1.1.1192.168.2.40x4a24No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                                  Jul 3, 2024 18:10:46.367232084 CEST1.1.1.1192.168.2.40xd02dNo error (0)identity.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:10:46.372344971 CEST1.1.1.1192.168.2.40xe000No error (0)identity.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:10:49.018001080 CEST1.1.1.1192.168.2.40xd30cNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                  Jul 3, 2024 18:10:49.018001080 CEST1.1.1.1192.168.2.40xd30cNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false

                                  HTTP Request Dependency Graph

                                  • gerflorgroup.sharepoint.com
                                  • fs.microsoft.com
                                  • https:
                                    • aadcdn.msauth.net
                                    • aadcdn.msauthimages.net

                                  HTTPS Proxied Packets

                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  0192.168.2.44973513.107.136.104434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:39 UTC766OUTGET /:f:/r/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5 HTTP/1.1
                                  Host: gerflorgroup.sharepoint.com
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  sec-ch-ua-platform: "Windows"
                                  Upgrade-Insecure-Requests: 1
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                  Sec-Fetch-Site: none
                                  Sec-Fetch-Mode: navigate
                                  Sec-Fetch-User: ?1
                                  Sec-Fetch-Dest: document
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:39 UTC975INHTTP/1.1 301 Moved Permanently
                                  Content-Type: text/plain
                                  Location: https://gerflorgroup.sharepoint.com/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5&CID=3fe29633-5e6a-408a-829e-9afd7241a358
                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                  X-NetworkStatistics: 0,525568,0,0,643538,0,140868,73
                                  SPRequestGuid: 8ab838a1-90b1-9000-3b57-f51137af5b70
                                  request-id: 8ab838a1-90b1-9000-3b57-f51137af5b70
                                  MS-CV: oTi4irGQAJA7V/URN69bcA.0
                                  Strict-Transport-Security: max-age=31536000
                                  SPRequestDuration: 5
                                  SPIisLatency: 1
                                  X-Powered-By: ASP.NET
                                  MicrosoftSharePointTeamServices: 16.0.0.25012
                                  X-Content-Type-Options: nosniff
                                  X-MS-InvokeApp: 1; RequireReadOnly
                                  X-Cache: CONFIG_NOCACHE
                                  X-MSEdge-Ref: Ref A: 96DE56296D184560A6659B0D13BD8772 Ref B: EWR311000104027 Ref C: 2024-07-03T16:09:39Z
                                  Date: Wed, 03 Jul 2024 16:09:38 GMT
                                  Connection: close
                                  Content-Length: 0


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  1192.168.2.44973613.107.136.104434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:39 UTC801OUTGET /sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5&CID=3fe29633-5e6a-408a-829e-9afd7241a358 HTTP/1.1
                                  Host: gerflorgroup.sharepoint.com
                                  Connection: keep-alive
                                  Upgrade-Insecure-Requests: 1
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                  Sec-Fetch-Site: none
                                  Sec-Fetch-Mode: navigate
                                  Sec-Fetch-User: ?1
                                  Sec-Fetch-Dest: document
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  sec-ch-ua-platform: "Windows"
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:39 UTC2224INHTTP/1.1 302 Found
                                  Content-Length: 399
                                  Content-Type: text/html; charset=utf-8
                                  Location: https://gerflorgroup.sharepoint.com/sites/InternationalFinanceSeminar-June2024/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FInternationalFinanceSeminar%2DJune2024%2FShared%20Documents%2FGeneral%3Fcsf%3D1%26web%3D1%26e%3D2fBDL5%26CID%3D3fe29633%2D5e6a%2D408a%2D829e%2D9afd7241a358
                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                  X-NetworkStatistics: 0,525568,0,75,7152932,0,525568,73
                                  X-SharePointHealthScore: 2
                                  X-DataBoundary: EU
                                  X-1DSCollectorUrl: https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/
                                  X-AriaCollectorURL: https://eu-mobile.events.data.microsoft.com/Collector/3.0
                                  SPRequestGuid: 8ab838a1-20be-9000-3b57-fd4dd0fd667e
                                  request-id: 8ab838a1-20be-9000-3b57-fd4dd0fd667e
                                  MS-CV: oTi4ir4gAJA7V/1N0P1mfg.0
                                  Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]}
                                  NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
                                  Strict-Transport-Security: max-age=31536000
                                  X-FRAME-OPTIONS: SAMEORIGIN
                                  Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com *.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
                                  SPRequestDuration: 34
                                  SPIisLatency: 1
                                  X-Powered-By: ASP.NET
                                  MicrosoftSharePointTeamServices: 16.0.0.25012
                                  X-Content-Type-Options: nosniff
                                  X-MS-InvokeApp: 1; RequireReadOnly
                                  X-Cache: CONFIG_NOCACHE
                                  X-MSEdge-Ref: Ref A: 01CE21E571764B2B9F5BD623165410B9 Ref B: EWR311000104017 Ref C: 2024-07-03T16:09:39Z
                                  Date: Wed, 03 Jul 2024 16:09:38 GMT
                                  Connection: close
                                  2024-07-03 16:09:39 UTC399INData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 65 72 66 6c 6f 72 67 72 6f 75 70 2e 73 68 61 72 65 70 6f 69 6e 74 2e 63 6f 6d 2f 73 69 74 65 73 2f 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 46 69 6e 61 6e 63 65 53 65 6d 69 6e 61 72 2d 4a 75 6e 65 32 30 32 34 2f 5f 6c 61 79 6f 75 74 73 2f 31 35 2f 41 75 74 68 65 6e 74 69 63 61 74 65 2e 61 73 70 78 3f 53 6f 75 72 63 65 3d 25 32 46 73 69 74 65 73 25 32 46 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 46 69 6e 61 6e 63 65 53 65 6d 69 6e 61 72 25 32 44 4a 75 6e 65 32 30 32 34 25 32 46 53 68 61 72
                                  Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://gerflorgroup.sharepoint.com/sites/InternationalFinanceSeminar-June2024/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FInternationalFinanceSeminar%2DJune2024%2FShar


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  2192.168.2.44974013.107.136.104434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:40 UTC916OUTGET /sites/InternationalFinanceSeminar-June2024/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FInternationalFinanceSeminar%2DJune2024%2FShared%20Documents%2FGeneral%3Fcsf%3D1%26web%3D1%26e%3D2fBDL5%26CID%3D3fe29633%2D5e6a%2D408a%2D829e%2D9afd7241a358 HTTP/1.1
                                  Host: gerflorgroup.sharepoint.com
                                  Connection: keep-alive
                                  Upgrade-Insecure-Requests: 1
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                  Sec-Fetch-Site: none
                                  Sec-Fetch-Mode: navigate
                                  Sec-Fetch-User: ?1
                                  Sec-Fetch-Dest: document
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  sec-ch-ua-platform: "Windows"
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:40 UTC2101INHTTP/1.1 302 Found
                                  Cache-Control: private
                                  Content-Length: 463
                                  Content-Type: text/html; charset=utf-8
                                  Location: /_forms/default.aspx?ReturnUrl=%2fsites%2fInternationalFinanceSeminar-June2024%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FInternationalFinanceSeminar%252DJune2024%252FShared%2520Documents%252FGeneral%253Fcsf%253D1%2526web%253D1%2526e%253D2fBDL5%2526CID%253D3fe29633%252D5e6a%252D408a%252D829e%252D9afd7241a358&Source=cookie
                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                  Set-Cookie: RpsContextCookie=U291cmNlPSUyRnNpdGVzJTJGSW50ZXJuYXRpb25hbEZpbmFuY2VTZW1pbmFyJTJESnVuZTIwMjQlMkZTaGFyZWQlMjBEb2N1bWVudHMlMkZHZW5lcmFsJTNGY3NmJTNEMSUyNndlYiUzRDElMjZlJTNEMmZCREw1JTI2Q0lEJTNEM2ZlMjk2MzMlMkQ1ZTZhJTJENDA4YSUyRDgyOWUlMkQ5YWZkNzI0MWEzNTg=; expires=Wed, 03-Jul-2024 16:19:40 GMT; path=/; SameSite=None; secure; HttpOnly
                                  X-NetworkStatistics: 0,525568,0,0,221373,0,34900,73
                                  X-SharePointHealthScore: 0
                                  X-AspNet-Version: 4.0.30319
                                  X-DataBoundary: EU
                                  X-1DSCollectorUrl: https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/
                                  X-AriaCollectorURL: https://eu-mobile.events.data.microsoft.com/Collector/3.0
                                  SPRequestGuid: 8ab838a1-c0f2-9000-3ea7-d993a4532c81
                                  request-id: 8ab838a1-c0f2-9000-3ea7-d993a4532c81
                                  MS-CV: oTi4ivLAAJA+p9mTpFMsgQ.0
                                  Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-EWR31r5b&frontEnd=AFD&RemoteIP=8.46.123.0"}]}
                                  NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
                                  Strict-Transport-Security: max-age=31536000
                                  SPRequestDuration: 28
                                  SPIisLatency: 1
                                  X-Powered-By: ASP.NET
                                  MicrosoftSharePointTeamServices: 16.0.0.25012
                                  X-Content-Type-Options: nosniff
                                  X-MS-InvokeApp: 1; RequireReadOnly
                                  X-Cache: CONFIG_NOCACHE
                                  X-MSEdge-Ref: Ref A: CFB1D54999D944C4BCAA2E0B4EC67CE2 Ref B: EWR311000104053 Ref C: 2024-07-03T16:09:40Z
                                  Date: Wed, 03 Jul 2024 16:09:40 GMT
                                  Connection: close
                                  2024-07-03 16:09:40 UTC463INData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 2f 5f 66 6f 72 6d 73 2f 64 65 66 61 75 6c 74 2e 61 73 70 78 3f 52 65 74 75 72 6e 55 72 6c 3d 25 32 66 73 69 74 65 73 25 32 66 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 46 69 6e 61 6e 63 65 53 65 6d 69 6e 61 72 2d 4a 75 6e 65 32 30 32 34 25 32 66 5f 6c 61 79 6f 75 74 73 25 32 66 31 35 25 32 66 41 75 74 68 65 6e 74 69 63 61 74 65 2e 61 73 70 78 25 33 66 53 6f 75 72 63 65 25 33 64 25 32 35 32 46 73 69 74 65 73 25 32 35 32 46 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 46 69 6e 61 6e 63 65 53 65 6d 69 6e 61 72 25 32 35 32
                                  Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="/_forms/default.aspx?ReturnUrl=%2fsites%2fInternationalFinanceSeminar-June2024%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FInternationalFinanceSeminar%252


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  3192.168.2.44974113.107.136.104434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:41 UTC1270OUTGET /_forms/default.aspx?ReturnUrl=%2fsites%2fInternationalFinanceSeminar-June2024%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FInternationalFinanceSeminar%252DJune2024%252FShared%2520Documents%252FGeneral%253Fcsf%253D1%2526web%253D1%2526e%253D2fBDL5%2526CID%253D3fe29633%252D5e6a%252D408a%252D829e%252D9afd7241a358&Source=cookie HTTP/1.1
                                  Host: gerflorgroup.sharepoint.com
                                  Connection: keep-alive
                                  Upgrade-Insecure-Requests: 1
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                  Sec-Fetch-Site: none
                                  Sec-Fetch-Mode: navigate
                                  Sec-Fetch-User: ?1
                                  Sec-Fetch-Dest: document
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  sec-ch-ua-platform: "Windows"
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  Cookie: RpsContextCookie=U291cmNlPSUyRnNpdGVzJTJGSW50ZXJuYXRpb25hbEZpbmFuY2VTZW1pbmFyJTJESnVuZTIwMjQlMkZTaGFyZWQlMjBEb2N1bWVudHMlMkZHZW5lcmFsJTNGY3NmJTNEMSUyNndlYiUzRDElMjZlJTNEMmZCREw1JTI2Q0lEJTNEM2ZlMjk2MzMlMkQ1ZTZhJTJENDA4YSUyRDgyOWUlMkQ5YWZkNzI0MWEzNTg=
                                  2024-07-03 16:09:41 UTC4061INHTTP/1.1 302 Found
                                  Cache-Control: no-cache, no-store
                                  Pragma: no-cache
                                  Content-Length: 883
                                  Content-Type: text/html; charset=utf-8
                                  Expires: -1
                                  Location: https://login.microsoftonline.com:443/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=89A415978CA67BC4C207C162A5652D886813F16C0BA377BE%2D83FA823685898D87B2E594CB2A280779C93357D0093D93305029EA0200C68CA7&redirect%5Furi=https%3A%2F%2Fgerflorgroup%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=8bb838a1%2D402c%2D9000%2D3b57%2Df687b267f4cd
                                  P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                  Set-Cookie: nSGt-89A415978CA67BC4C207C162A5652D886813F16C0BA377BE=gYEwMDkzRDY1NTJEQkIyOUI2NzI2NzYyODg1QTA1RDIwMDk4QTNBRDg5ODE5QkU1MzEwMDg5QTQxNTk3OENBNjdCQzRDMjA3QzE2MkE1NjUyRDg4NjgxM0YxNkMwQkEzNzdCRRIxMzM2NDQ5NjgyMTMzMTczNTUbZ2VyZmxvcmdyb3VwLnNoYXJlcG9pbnQuY29tdb+uRGP3VsDDJHrZ3IZq6NVGCCFEUBR+rn2Wo8oE2KxdSNt0P9NPYIRu4Ca7SSljAudM+k639Qu37SIREc+S5QzIbaNZZEkQ5/rozWXwgbAZeqjA0iAbRGouZ4aBqV5hQBPgh/aD4eiaCkytalZ9IL3eQevBmm2S0U7mz1u8GNyJYXwR2v3WdZC2b8xDwjuiiStOXIY/EHhklAzzJqlnpCBcuHt1g95ydKjBYXPb+KjLjbW0G2I2WzIOjlcKEvYCzhaMA2WaFfvV/THbcL3gf9Y3Kp0TyZ8ogiW7QVo/b8niapB9v9JQrWPdES3baQGEwRYkYw7Bj2t59EcNCRh6n5MAAAA=; expires=Wed, 03-Jul-2024 16:13:41 GMT; path=/; SameSite=None; secure; HttpOnly
                                  Set-Cookie: nSGt-89A415978CA67BC4C207C162A5652D886813F16C0BA377BE=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; SameSite=None; Partitioned; secure; HttpOnly
                                  Set-Cookie: RpsContextCookie=U291cmNlPSUyRnNpdGVzJTJGSW50ZXJuYXRpb25hbEZpbmFuY2VTZW1pbmFyJTJESnVuZTIwMjQlMkZTaGFyZWQlMjBEb2N1bWVudHMlMkZHZW5lcmFsJTNGY3NmJTNEMSUyNndlYiUzRDElMjZlJTNEMmZCREw1JTI2Q0lEJTNEM2ZlMjk2MzMlMkQ1ZTZhJTJENDA4YSUyRDgyOWUlMkQ5YWZkNzI0MWEzNTgmUHJldmlvdXNSZXF1ZXN0Q29ycmVsYXRpb25JZD04YmI4MzhhMSUyRDQwMmMlMkQ5MDAwJTJEM2I1NyUyRGY2ODdiMjY3ZjRjZCZSZXR1cm5Vcmw9JTJGc2l0ZXMlMkZJbnRlcm5hdGlvbmFsRmluYW5jZVNlbWluYXIlMkRKdW5lMjAyNCUyRiU1RmxheW91dHMlMkYxNSUyRkF1dGhlbnRpY2F0ZSUyRWFzcHglM0ZTb3VyY2UlM0QlMjUyRnNpdGVzJTI1MkZJbnRlcm5hdGlvbmFsRmluYW5jZVNlbWluYXIlMjUyREp1bmUyMDI0JTI1MkZTaGFyZWQlMjUyMERvY3VtZW50cyUyNTJGR2VuZXJhbCUyNTNGY3NmJTI1M0QxJTI1MjZ3ZWIlMjUzRDElMjUyNmUlMjUzRDJmQkRMNSUyNTI2Q0lEJTI1M0QzZmUyOTYzMyUyNTJENWU2YSUyNTJENDA4YSUyNTJEODI5ZSUyNTJEOWFmZDcyNDFhMzU4; expires=Wed, 03-Jul-2024 16:19:41 GMT; path=/; SameSite=None; secure; HttpOnly
                                  Set-Cookie: RpsContextCookie=; expires=Thu, 01-Jan-1970 08:00:00 GMT; path=/; SameSite=None; Partitioned; secure; HttpOnly
                                  X-NetworkStatistics: 0,525568,0,296,3523261,0,518840,74
                                  X-SharePointHealthScore: 3
                                  X-AspNet-Version: 4.0.30319
                                  X-DataBoundary: EU
                                  X-1DSCollectorUrl: https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/
                                  X-AriaCollectorURL: https://eu-mobile.events.data.microsoft.com/Collector/3.0
                                  SPRequestGuid: 8bb838a1-402c-9000-3b57-f687b267f4cd
                                  request-id: 8bb838a1-402c-9000-3b57-f687b267f4cd
                                  MS-CV: oTi4iyxAAJA7V/aHsmf0zQ.0
                                  Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=5638371b-5458-4435-9168-bf28558d5370&destinationEndpoint=Edge-Prod-EWR31r5a&frontEnd=AFD&RemoteIP=8.46.123.0"}]}
                                  NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
                                  Strict-Transport-Security: max-age=31536000
                                  SPRequestDuration: 53
                                  SPIisLatency: 1
                                  Include-Referred-Token-Binding-ID: true
                                  X-Powered-By: ASP.NET
                                  MicrosoftSharePointTeamServices: 16.0.0.25012
                                  X-Content-Type-Options: nosniff
                                  X-MS-InvokeApp: 1; RequireReadOnly
                                  X-Cache: CONFIG_NOCACHE
                                  X-MSEdge-Ref: Ref A: 27A18CD72D0C4043893438BA97DE03E4 Ref B: EWR311000101035 Ref C: 2024-07-03T16:09:41Z
                                  Date: Wed, 03 Jul 2024 16:09:40 GMT
                                  Connection: close
                                  2024-07-03 16:09:41 UTC883INData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 2e 6d 69 63 72 6f 73 6f 66 74 6f 6e 6c 69 6e 65 2e 63 6f 6d 3a 34 34 33 2f 35 36 33 38 33 37 31 62 2d 35 34 35 38 2d 34 34 33 35 2d 39 31 36 38 2d 62 66 32 38 35 35 38 64 35 33 37 30 2f 6f 61 75 74 68 32 2f 61 75 74 68 6f 72 69 7a 65 3f 63 6c 69 65 6e 74 25 35 46 69 64 3d 30 30 30 30 30 30 30 33 25 32 44 30 30 30 30 25 32 44 30 66 66 31 25 32 44 63 65 30 30 25 32 44 30 30 30 30 30 30 30 30 30 30 30 30 26 61 6d 70 3b 72 65 73 70 6f 6e 73 65 25 35 46 6d 6f 64 65 3d 66 6f 72
                                  Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://login.microsoftonline.com:443/5638371b-5458-4435-9168-bf28558d5370/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&amp;response%5Fmode=for


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  4192.168.2.449365184.28.90.27443
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:42 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                  Connection: Keep-Alive
                                  Accept: */*
                                  Accept-Encoding: identity
                                  User-Agent: Microsoft BITS/7.8
                                  Host: fs.microsoft.com
                                  2024-07-03 16:09:42 UTC466INHTTP/1.1 200 OK
                                  Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                  Content-Type: application/octet-stream
                                  ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                  Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                  Server: ECAcc (lpl/EF06)
                                  X-CID: 11
                                  X-Ms-ApiVersion: Distribute 1.2
                                  X-Ms-Region: prod-neu-z1
                                  Cache-Control: public, max-age=86362
                                  Date: Wed, 03 Jul 2024 16:09:42 GMT
                                  Connection: close
                                  X-CID: 2


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  5192.168.2.449368184.28.90.27443
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:43 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                  Connection: Keep-Alive
                                  Accept: */*
                                  Accept-Encoding: identity
                                  If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                  Range: bytes=0-2147483646
                                  User-Agent: Microsoft BITS/7.8
                                  Host: fs.microsoft.com
                                  2024-07-03 16:09:43 UTC514INHTTP/1.1 200 OK
                                  ApiVersion: Distribute 1.1
                                  Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                  Content-Type: application/octet-stream
                                  ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                  Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                  Server: ECAcc (lpl/EF06)
                                  X-CID: 11
                                  X-Ms-ApiVersion: Distribute 1.2
                                  X-Ms-Region: prod-weu-z1
                                  Cache-Control: public, max-age=86371
                                  Date: Wed, 03 Jul 2024 16:09:43 GMT
                                  Content-Length: 55
                                  Connection: close
                                  X-CID: 2
                                  2024-07-03 16:09:43 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                  Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  6192.168.2.44936913.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:43 UTC633OUTGET /shared/1.0/content/js/BssoInterrupt_Core_sw-M8KkV3_nBot-G1ImRcw2.js HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  Origin: https://login.microsoftonline.com
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: */*
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: cors
                                  Sec-Fetch-Dest: script
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:43 UTC797INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:43 GMT
                                  Content-Type: application/x-javascript
                                  Content-Length: 49696
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Content-Encoding: gzip
                                  Last-Modified: Fri, 24 May 2024 22:13:21 GMT
                                  ETag: 0x8DC7C3EB8EDBF94
                                  x-ms-request-id: ed2f6aa1-401e-0055-1bcb-cad3dd000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160943Z-157bfc59976jcqxbycr83vx544000000097g00000000mufn
                                  x-fd-int-roxy-purgeid: 4554691
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:43 UTC15587INData Raw: 1f 8b 08 00 00 00 00 00 04 00 e4 bd eb 5b e3 38 d2 38 fa fd fd 2b 82 77 0f 13 4f 4c c8 05 68 70 da 9d 5f 1a e8 6e 66 80 30 24 cc e5 05 96 c7 89 15 f0 74 b0 b3 b6 c3 65 20 e7 6f 3f 75 91 6c d9 71 e8 9e dd f3 9c 2f 67 2e c4 96 4a b2 54 aa 2a 55 95 4a d2 e6 8f 6b ff 53 f9 b1 b2 f1 fd ff 54 06 c3 de f9 b0 d2 ff 54 19 7e 39 3a 3f a8 9c c1 db 1f 95 d3 fe f0 68 ff f0 fb eb c1 8f e2 ff c3 3b 3f ae 4c fc a9 a8 c0 ef c8 8d 85 57 09 83 4a 18 55 fc 60 1c 46 b3 30 72 13 11 57 ee e1 6f e4 bb d3 ca 24 0a ef 2b c9 9d a8 cc a2 f0 4f 31 4e e2 ca d4 8f 13 28 34 12 d3 f0 b1 52 85 ea 22 af 72 e6 46 c9 73 e5 e8 cc ac 43 fd 02 6a f3 6f fd 00 4a 8f c3 d9 33 3c df 25 95 20 4c fc b1 a8 b8 81 47 b5 4d e1 25 88 45 65 1e 78 22 aa 3c de f9 e3 bb ca 89 3f 8e c2 38 9c 24 95 48 8c 85 ff
                                  Data Ascii: [88+wOLhp_nf0$te o?ulq/g.JT*UJkSTT~9:?h;?LWJU`F0rWo$+O1N(4R"rFsCjoJ3<% LGM%Eex"<?8$H
                                  2024-07-03 16:09:44 UTC16384INData Raw: 2e b7 f6 3f f6 cf 11 8a 63 a5 49 a4 a8 49 28 d5 0d 41 59 e3 36 4b e1 be dd c8 64 fa 76 93 fc 38 74 42 0b 75 16 78 23 72 79 77 a4 26 b6 6d 43 64 2f 6c 19 d9 74 94 90 61 91 60 34 f0 86 29 63 e5 69 ae 49 b5 65 76 82 3a 1d fc 74 11 80 41 e2 c1 88 1c 3e e1 11 1b 00 db 07 eb f8 4f 26 f5 dc 61 9e e2 d2 a0 a3 84 8c eb 6a c9 61 90 a2 83 77 39 02 26 c1 28 09 27 7c 4e 1a 9d a2 af 9d 9a 96 7e ab 22 0f 8f ad 44 ea 4b 76 c5 a8 e1 89 8b b1 50 0a 8c f6 11 f3 45 9e 51 b5 30 ad 06 5d 8b 00 a8 29 bd 0a 6f e9 e0 39 ed a6 b3 48 ab 31 b4 7c bc 95 21 bd e0 ae 6a 9a 75 94 ac 94 b1 aa 11 21 de 1c 60 e2 45 42 a6 f9 06 6e b7 4d 8b 4e 5d 69 e0 81 e6 78 0e 99 e5 32 c6 b3 53 2c 53 b4 e1 99 e6 78 24 cb dc f1 f1 84 18 32 00 e8 e8 65 3e ea 9f 8f a3 b7 c6 8e c0 ab 7d 26 cc 3b ec 27 40 fd
                                  Data Ascii: .?cII(AY6Kdv8tBux#ryw&mCd/lta`4)ciIev:tA>O&ajaw9&('|N~"DKvPEQ0])o9H1|!ju!`EBnMN]ix2S,Sx$2e>}&;'@
                                  2024-07-03 16:09:44 UTC16384INData Raw: 0e cf 44 6d 1e 41 54 1d 69 1d 00 32 87 8c 70 54 bd c4 49 e5 f3 7a f4 57 6d 21 e3 e3 28 9f c9 5e 7b a7 de e3 ad 96 b5 b6 5a 64 aa 0d c1 66 a8 dd 1d a4 50 a3 73 c5 d5 f6 8a 7f d5 6d e8 af f9 78 76 d2 ae b3 65 79 eb 8f 56 52 89 bd 02 4b 5d 8b 6c 9c ec da 22 a6 62 47 ab 46 ba 85 c4 37 58 97 52 1d 0f 18 dc 56 31 6f 99 71 74 e2 b7 0e a2 fa 41 5f aa d0 ba 8c f5 ac d7 2c 58 8e 74 a6 4d 9d 2b 73 d2 d0 2d b5 9f 06 9c 84 b6 c1 2a 36 cc 8a b2 40 3a 7e d3 40 df fa d7 2a 2d 92 09 47 3a e8 0b d7 be f2 dc 63 53 ac 35 2d 49 8f 5e 80 73 3e ff 1e c3 a9 d8 51 26 77 e7 44 62 6c ac 1b 24 0b 0b f9 0f 12 d7 79 5f 12 5d 51 5f f0 07 d3 15 f8 fc c1 93 97 cf 14 e1 42 9e 28 10 3c 50 78 90 c6 aa 69 d9 ec 9a 49 32 ad 43 ec 50 42 ed 82 8e 4c 96 c4 ae eb 6d 01 c2 64 60 e9 bb f9 56 77 b2
                                  Data Ascii: DmATi2pTIzWm!(^{ZdfPsmxveyVRK]l"bGF7XRV1oqtA_,XtM+s-*6@:~@*-G:cS5-I^s>Q&wDbl$y_]Q_B(<PxiI2CPBLmd`Vw
                                  2024-07-03 16:09:44 UTC1341INData Raw: af c7 23 18 0e a7 3e 06 23 48 88 f9 87 13 83 84 72 88 31 2d cc 3c 9f da 66 8d df 09 4d 5e b3 bb 47 09 c7 18 f5 f7 d6 55 7a 5f b9 01 6e 11 07 0a 1c d9 f5 fb 05 7b 3f 19 17 80 be 98 57 2d 92 59 26 82 49 8a 36 e5 8b 2b 65 1e 58 2d 18 ee d3 0b 52 db 21 24 56 0e 21 e2 92 4b dc 98 a0 69 b1 4d c6 67 27 5e af e9 76 fb ae a6 2b 07 b7 b7 6e d4 73 94 77 ef 01 78 8f fb e2 e0 00 6d 0e 0e 2f 22 8c 8e f2 5a 17 03 fa 01 12 96 aa 1c 75 70 1e 3d 08 df b8 6b 19 a2 a0 77 dd 99 09 0b 4c 4a 24 3d 28 9b 8d 1a b9 27 74 ee 1c d4 5d 79 e2 4a 86 09 e5 e4 ce 89 49 c3 9b d1 3c 2d ca 8a 63 bb c6 d9 d8 03 ef 19 8b 3a 1e 44 e5 fe 7d 67 b9 cc a6 d9 32 c9 17 67 17 e9 ec 2c 39 bb 98 5e 4c 3f 5e 9e 2f a8 2d f9 32 fd 98 3a ec 6c 8f 97 e0 06 44 3f 90 df 46 1c d7 24 62 2f f3 da df 61 df 1d 05
                                  Data Ascii: #>#Hr1-<fM^GUz_n{?W-Y&I6+eX-R!$V!KiMg'^v+nswxm/"Zup=kwLJ$=('t]yJI<-c:D}g2g,9^L?^/-2:lD?F$b/a


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  7192.168.2.44937513.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:46 UTC658OUTGET /ests/2.1/content/cdnbundles/converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  Origin: https://login.microsoftonline.com
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: text/css,*/*;q=0.1
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: cors
                                  Sec-Fetch-Dest: style
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:46 UTC781INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:46 GMT
                                  Content-Type: text/css
                                  Content-Length: 20390
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Content-Encoding: gzip
                                  Last-Modified: Thu, 16 May 2024 00:58:09 GMT
                                  ETag: 0x8DC754341030FA7
                                  x-ms-request-id: 67fe5bb6-801e-0042-6799-c9608b000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160946Z-157bfc59976jdgdjb79ffzmezw00000001yg00000000syhd
                                  x-fd-int-roxy-purgeid: 4554691
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:46 UTC15603INData Raw: 1f 8b 08 00 00 00 00 00 04 00 ed 7d 6b 73 e3 36 b2 e8 f7 f9 15 5c a7 52 3b ce 4a 8c 48 3d 2d 57 52 3b 99 cc 26 3e 67 5e 35 33 d9 47 a5 52 5b b4 44 59 3c 43 89 ba 24 65 8f 57 47 ff fd e2 8d 06 d0 20 29 8f b3 d9 7b 2b 27 67 13 0b dd 6c 00 dd 8d 06 1a e8 06 be fe ea 0f c1 f3 62 77 5f 66 37 eb 3a 78 fa fc 3c 78 95 2d ca a2 2a 56 35 29 2f 77 45 99 d4 59 b1 0d 83 67 79 1e 30 a4 2a 28 d3 2a 2d 6f d3 65 18 7c f5 f5 d7 5f fd e1 49 bf fb ff 05 ef 3f 3c 7b f7 21 78 f3 97 e0 c3 8f 57 ef be 0f de 92 5f ff 08 5e bf f9 70 f5 fc 45 d0 99 ca 93 27 1f d6 59 15 ac b2 3c 0d c8 7f af 93 2a 5d 06 c5 36 28 ca 20 db 2e 44 ab d3 2a d8 90 7f 97 59 92 07 ab b2 d8 04 f5 3a 0d 76 65 f1 3f e9 82 f4 21 cf aa 9a 7c 74 9d e6 c5 5d f0 94 90 2b 97 c1 db a4 ac ef 83 ab b7 e7 61 f0 81 e0 16
                                  Data Ascii: }ks6\R;JH=-WR;&>g^53GR[DY<C$eWG ){+'glbw_f7:x<x-*V5)/wEYgy0*(*-oe|_I?<{!xW_^pE'Y<*]6( .D*Y:ve?!|t]+a
                                  2024-07-03 16:09:46 UTC4787INData Raw: e7 bc b1 e2 92 61 7d df b0 68 ac ab 2c aa b1 88 da cb c6 22 89 f4 a2 b1 42 53 1e da 58 e7 55 1e b5 fb a5 96 31 c6 85 9c 5c 95 58 0f 77 34 04 a7 bc ef e9 bc 62 55 e4 cb 9d 46 11 60 f2 34 8a 20 ba 0a e1 1d 2d b3 ba 41 d4 6a 33 50 25 58 6c a8 15 02 68 eb 56 83 ba b5 a0 21 5d f4 aa e1 60 30 5e 26 13 b7 4f 5a e3 0c 32 50 fb 10 40 6b 9f fc 5a d9 82 86 f5 c9 a7 ad bc 4f 0f 53 c6 3e 8f 75 ef 81 fb bb e5 60 13 bf d0 d1 86 c0 d4 70 43 60 72 bc 81 ca 0c ee 7b ca cd 06 61 90 56 01 34 34 b4 0d 0f 13 81 b8 e1 dc 70 52 d0 d3 64 f3 b6 df 8a 2c 1c d2 a7 e1 c5 ec 1c b9 2b 18 00 b1 42 22 26 de 7d 9d 59 8d 1f 8e 83 89 00 6e 65 8f 64 aa a2 fc c3 d8 65 70 5f b6 f7 9c 65 7e ea 83 9d 2c f7 31 10 e4 08 df ce 47 c4 df 33 f4 3c 40 c9 2e 2b 17 af 8a ce 37 c9 36 db ed 73 c6 5e f7 a6
                                  Data Ascii: a}h,"BSXU1\Xw4bUF`4 -Aj3P%XlhV!]`0^&OZ2P@kZOS>u`pC`r{aV44pRd,+B"&}Ynedep_e~,1G3<@.+76s^


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  8192.168.2.44937313.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:46 UTC635OUTGET /shared/1.0/content/js/ConvergedLogin_PCore_Q3A1xKaK6oPrhbQSUwvJBQ2.js HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  Origin: https://login.microsoftonline.com
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: */*
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: cors
                                  Sec-Fetch-Dest: script
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:46 UTC799INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:46 GMT
                                  Content-Type: application/x-javascript
                                  Content-Length: 121952
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Content-Encoding: gzip
                                  Last-Modified: Thu, 20 Jun 2024 02:14:05 GMT
                                  ETag: 0x8DC90CEA9270EFB
                                  x-ms-request-id: 39439e33-201e-0030-2763-cdc48f000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160946Z-157bfc59976jcqxbycr83vx54400000009ag000000003m09
                                  x-fd-int-roxy-purgeid: 4554691
                                  X-Cache: TCP_MISS
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:46 UTC15585INData Raw: 1f 8b 08 00 00 00 00 00 04 00 e4 bd 6d 5b e3 48 92 00 f8 fd 7e 85 d1 cc 31 76 23 5c 92 df c0 a2 d4 ac cb 40 15 db 80 19 0c d5 bd 4b 31 3c b2 94 36 6a 64 c9 2b c9 bc 8c f1 fe f6 8b 88 cc 94 52 b6 4c 55 cd ee dd 3d f7 5c ef 6c 61 65 46 be 45 46 46 46 44 46 46 7e f8 65 eb ff a8 fc 52 d9 fd f1 ff 2a c3 eb de d5 75 65 70 52 b9 fe 72 7a 75 54 b9 84 af ff a8 5c 0c ae 4f fb c7 3f 5e 0f 36 8a ff 7f fd e0 27 95 b1 1f b0 0a fc 1d 39 09 f3 2a 51 58 89 e2 8a 1f ba 51 3c 8b 62 27 65 49 65 0a ff c6 be 13 54 c6 71 34 ad a4 0f ac 32 8b a3 3f 99 9b 26 95 c0 4f 52 28 34 62 41 f4 5c a9 42 75 b1 57 b9 74 e2 f4 b5 72 7a 59 ab 43 fd 0c 6a f3 27 7e 08 a5 dd 68 f6 0a bf 1f d2 4a 18 a5 be cb 2a 4e e8 51 6d 01 7c 84 09 ab cc 43 8f c5 95 e7 07 df 7d a8 9c fb 6e 1c 25 d1 38 ad c4 cc
                                  Data Ascii: m[H~1v#\@K1<6jd+RLU=\laeFEFFFDFF~eR*uepRrzuT\O?^6'9*QXQ<b'eIeTq42?&OR(4bA\BuWtrzYCj'~hJ*NQm|C}n%8
                                  2024-07-03 16:09:46 UTC16384INData Raw: dd 03 a8 3c 25 d5 15 ba 85 35 1e 6f f0 53 64 76 5c 2f f3 07 45 b3 e8 e6 7e 0b 77 36 dc 46 df 1b 80 f0 44 43 b0 25 1a 95 fc ba 2b 67 3a 81 45 87 e1 d4 60 9b d6 1c 0a b1 80 c1 0e 77 7d 1c c0 ae 8b 55 45 81 a6 2f 9e 7c f6 8c b6 c1 c0 5a f0 95 f4 35 4b 28 5b dd fe 3a cf 44 3d 4f 04 85 40 c4 24 a5 77 13 b8 6a 12 42 3e fa 24 2f f3 2b 08 c8 68 70 a6 53 72 d4 44 cb 21 d0 9a ac cf 4a ab cd 36 90 0b 3a ae 3f c4 51 88 af fc 6e 45 aa f2 e1 9f 3b 2f 74 ed 05 36 86 df c2 c8 7d 8c e6 29 f9 b9 67 14 9f bc bd 49 da aa 97 5f ab a9 fe 6c 8d b0 ee 14 1b 60 52 a4 74 58 9b 75 8a 0e 92 f0 c7 3c 48 36 d3 fe f2 df 7f 39 67 28 33 a1 2c 75 7f 36 84 6f 1e 8d 8c 79 f6 42 84 c1 e2 ef 1e 43 ce 8c 3f ad ca 0f 32 10 12 23 54 09 fd 01 f3 b3 f0 06 f9 53 0d a2 4a f9 2a 6b 11 4c 24 ae 34 4d
                                  Data Ascii: <%5oSdv\/E~w6FDC%+g:E`w}UE/|Z5K([:D=O@$wjB>$/+hpSrD!J6:?QnE;/t6})gI_l`RtXu<H69g(3,u6oyBC?2#TSJ*kL$4M
                                  2024-07-03 16:09:46 UTC16384INData Raw: 33 e1 84 ec c7 7d 81 44 c0 35 a1 34 c6 c2 8f 91 ce 50 e7 8d ba d9 41 84 a5 74 e6 c2 5d 2c 86 cd c0 ef 3d ec a5 7c 65 c3 4b 48 ad bb b2 e1 8d 3d 8d 8b 34 e1 a3 64 b2 96 dd 7e b3 58 04 a3 30 a1 60 7a 51 e6 55 3d 49 a7 66 31 0e ce 61 ce 69 5e c5 e2 a2 95 2a 50 13 19 3b 7a cc ea 6a db 87 db c5 90 78 e2 3d 9c 69 00 91 7b d9 07 d6 31 a7 46 ca 2b 39 6f 28 5b 46 b9 9a 6a d4 d6 8d bc 0b 75 6d 6c 01 a6 cf 74 8e b1 bb 4c 57 2e 54 ef 9b eb d5 df df da cb 89 1c b2 d2 6d 44 46 82 5c a3 6a 87 16 62 5c d3 9c a0 9a 56 7b 74 ae ac e5 ad 74 37 9b 87 54 0c e9 b0 d7 22 13 53 33 16 f0 da 7a bb 14 0b 38 fb db 71 80 6f 6d f1 79 1c 60 3a 2b 39 54 4f 9a 2a e8 8b a4 be 43 e4 d8 aa df eb e2 a5 9f 94 a2 be 84 2b 2f b1 48 7d 70 a7 f0 6c 79 c3 5f 5e 79 b9 71 0e 45 48 c4 11 3e 90 e9 76
                                  Data Ascii: 3}D54PAt],=|eKH=4d~X0`zQU=If1ai^*P;zjx=i{1F+9o([FjumltLW.TmDF\jb\V{tt7T"S3z8qomy`:+9TO*C+/H}ply_^yqEH>v
                                  2024-07-03 16:09:46 UTC16384INData Raw: 6f 7a 62 62 8a 7b 61 6c 01 e2 fa 14 52 16 3d fb a7 61 22 a5 56 48 53 bf 47 d7 12 f0 44 d4 60 cb 69 17 5e fe 24 cd e3 e1 fd e7 2b 91 b0 19 60 76 9c a7 63 28 93 76 a3 20 c6 88 36 3d b7 46 a9 01 63 8f f8 52 99 64 e6 93 d1 19 60 eb 35 2a 5c 2d f2 80 57 d1 4d fa 5e 55 f9 be c1 12 09 54 6e 43 94 2a ea a3 e3 f3 ac 01 44 68 83 84 57 8d ef d1 6f d0 f7 3e e0 09 fd 68 8a 4f 6d de 88 b3 06 4a 70 b5 cf 7f 44 bc d8 56 9c 5a 8d 46 8d 74 08 d3 43 f9 aa 34 27 6f 92 e2 cf fb 1e d9 83 be 97 56 df d6 d4 f4 32 c7 e8 8a a3 ca 44 c6 c9 c4 08 39 13 54 aa 21 cf 7a 72 73 e9 e4 21 0a 4c de 1b b8 69 5e d5 63 40 c1 c8 fd dd 24 83 47 19 a0 dd 24 bf 07 80 a4 90 17 ec 09 00 30 ea e3 cc 7c ae 51 39 92 e2 f7 69 34 8a f3 fb 6d d6 5e 85 7d 8c 46 5f a2 fb cc 41 63 4d 3c 94 80 83 30 87 fc 38
                                  Data Ascii: ozbb{alR=a"VHSGD`i^$+`vc(v 6=FcRd`5*\-WM^UTnC*DhWo>hOmJpDVZFtC4'oV2D9T!zrs!Li^c@$G$0|Q9i4m^}F_AcM<08
                                  2024-07-03 16:09:46 UTC16384INData Raw: 74 64 09 d2 1c 48 e3 d4 d9 d4 ec 79 45 f5 d5 c2 33 50 82 e6 81 12 fe 56 6e 43 20 0a 72 1a 3a f8 cc db ed 5d d2 b8 7f 27 8a a2 11 f0 3b 60 97 83 44 cc c0 cd 99 77 d2 c0 38 34 0f 61 26 81 23 b4 59 0a 29 b1 c2 0c 32 14 7b 08 87 51 89 32 cc 6a 3a c5 4d 46 2c 27 aa 2e 61 32 a6 88 36 f1 f4 f9 be 94 59 cd e4 d1 06 e7 71 11 22 a1 e0 ce 02 d0 6d a0 ad 02 b3 4e 3d e2 b5 85 7c 8f a1 eb 97 43 07 e9 37 18 f1 b8 fa 48 b7 57 80 84 c9 82 8a a6 1d 71 b2 69 9b 90 76 9e 8a 82 30 44 87 0d 35 8a 73 5f 4a 3a 62 89 40 0a 83 c4 73 d2 9a 1a a0 70 bb 3d f0 d3 7e 81 3e 49 c4 5e 25 54 17 1e 0c eb 44 87 48 46 59 0d 05 ec 2b f7 ed 48 d2 b2 ad 7d b7 41 da 1d 4b e9 ed 1a 42 07 be be 3f 17 76 11 24 f9 ba 0f 6b 8c c2 e4 50 d9 8f bf 51 c5 1c b6 16 3a 3d 27 0a a8 f2 18 b5 34 cd 96 cb a1 6a
                                  Data Ascii: tdHyE3PVnC r:]';`Dw84a&#Y)2{Q2j:MF,'.a26Yq"mN=|C7HWqiv0D5s_J:b@sp=~>I^%TDHFY+H}AKB?v$kPQ:='4j
                                  2024-07-03 16:09:46 UTC16384INData Raw: 6c 70 51 5b c8 24 03 47 05 1b ca c1 da b1 78 a1 1f 89 60 3f dd 44 06 f7 dc 40 44 1e cb dc d8 85 94 82 02 28 45 08 56 9b 47 2c 00 36 06 fb 99 c0 28 e5 76 14 46 99 9b b9 be 9d cb c4 0e 45 ce 61 c2 06 e0 e6 22 89 1c 7f 3f e8 10 1b cf 67 26 64 c4 c1 fd 32 c7 09 65 94 84 9c e5 81 cb 60 cd f1 20 f0 c2 fd d0 53 9c 72 4f 3a 7e 9e e5 31 26 d0 c9 b0 3e 09 8f 6c 11 fb 92 c4 7b 1c ed 67 4c 8d 22 96 3a 4e 20 7d db 05 0f cf 78 9c 84 8c bb 01 2c cf 50 c4 1e 04 48 e2 ef 87 97 27 29 30 9b 71 48 08 cf 0f 7c 17 1a 84 1d 05 a1 e3 05 5e 92 73 c8 8f 78 2f 53 67 9c ba 10 eb 11 03 d9 70 1b 14 c4 bd 20 f6 12 ac 51 9c c7 2e b3 1d 26 f6 22 72 dd d4 86 b9 2b b9 93 e4 3e cf c0 1c 3c 4f b0 0c ac 41 d8 82 83 95 0b 7f 2f bd 18 2d 22 96 91 c8 85 c8 92 04 a2 2f 4a 58 22 33 0f e8 01 26 8b
                                  Data Ascii: lpQ[$Gx`?D@D(EVG,6(vFEa"?g&d2e` SrO:~1&>l{gL":N }x,PH')0qH|^sx/Sgp Q.&"r+><OA/-"/JX"3&
                                  2024-07-03 16:09:46 UTC16384INData Raw: ea 7a 3b e5 ae a8 5f b0 0b 92 73 0b a5 97 fe 5c 17 bd ea 9b 9f 6f 41 82 5f 8e 4c dc a7 2c fa a2 ac f4 5b ba c2 24 05 3f 3d 5d 9c b2 b2 f1 6e f4 78 87 16 54 e4 14 7b 52 de ce 1b 56 ab 0e 0e ab 4e 0f fb e2 12 7f 74 bf ca 2d fd 26 74 33 98 0a 7c 5f 9c 6f 2e d8 35 cc fe d3 f5 04 ea 81 a2 87 da 2e 3e 33 5f ff ad 9c 1e ff 3a ae 81 26 12 89 0a ae 79 52 f9 aa f2 ed a4 c4 6f 4b 55 fb 13 0c 7f 20 1b e3 53 49 fd 69 29 e9 5c 28 b1 e0 fd 13 79 6b 0c 00 67 fe 15 f4 b6 df d4 09 8a 39 7b d6 cc 4c 9f fa f4 db 6b a2 85 24 08 b7 43 e0 7d 3f e7 e6 f7 7f 79 4e f6 39 9c 9c bb 70 c7 8b 75 f1 ba b6 42 6b 5f 7f 57 87 e9 6d f5 7d bd c9 b9 a6 e5 eb 97 d7 f8 b5 fe ad 76 d1 fe 35 0d 96 2f 50 b0 19 bf ea 7f 04 dc 1f 40 c0 2d 9a c5 ea b0 f5 bd 08 be 6d ed ee 45 20 6e 6b bc ad f2 bc 53
                                  Data Ascii: z;_s\oA_L,[$?=]nxT{RVNt-&t3|_o.5.>3_:&yRoKU SIi)\(ykg9{Lk$C}?yN9puBk_Wm}v5/P@-mE nkS
                                  2024-07-03 16:09:46 UTC8063INData Raw: c9 09 e7 25 71 97 31 fa 04 18 97 74 e5 df c5 ee 75 76 29 32 8b 3f 33 66 74 9e 3c 2c fa cb 43 78 72 c8 60 f6 02 ed 5f 4a 53 af c9 27 ea 03 cf 19 db b2 97 fc c8 68 12 a7 ce b8 18 30 5b be 10 38 97 77 0b e3 33 ff 79 e0 06 7c 49 3e 89 d5 4b 96 17 49 96 9b 91 6f e8 e8 de c2 9e 7a 1c 18 1f e8 0f 8e b3 81 71 46 7f 42 85 4f ee 32 00 68 8b e7 a7 f4 f9 eb e4 d4 7d 7a ed 01 1c 7e 26 4b 9c 95 f1 8c 62 1b c2 42 a1 0b 81 eb 98 0d cb 38 a2 65 d4 09 0a 93 ce 31 7d 07 1a 04 80 64 19 f9 b0 c6 bf a4 91 71 90 b7 ca d6 89 fb 78 1c a4 4c 67 34 de e4 ef d5 a9 51 be f4 92 be 64 cb 85 2f e8 96 f3 3c fa 6c 9c 50 68 47 af 52 97 6d 59 2f 93 0c c8 1a cd 48 14 9d a3 c0 47 27 44 ca e0 8e e2 60 91 44 71 c6 78 4d d7 78 ca 16 aa de db c0 68 72 34 30 58 5e a6 c3 9c 03 0b 84 81 e1 76 8d e7
                                  Data Ascii: %q1tuv)2?3ft<,Cxr`_JS'h0[8w3y|I>KIozqFBO2h}z~&KbB8e1}dqxLg4Qd/<lPhGRmY/HG'D`DqxMxhr40X^v


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  9192.168.2.44937413.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:46 UTC654OUTGET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_ixsmqakdnvme1h2u2lb1cq2.js HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  Origin: https://login.microsoftonline.com
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: */*
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: cors
                                  Sec-Fetch-Dest: script
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:46 UTC812INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:46 GMT
                                  Content-Type: application/x-javascript
                                  Content-Length: 15943
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Content-Encoding: gzip
                                  Last-Modified: Wed, 19 Jun 2024 01:47:57 GMT
                                  ETag: 0x8DC9001D8350ABB
                                  x-ms-request-id: cdae3ba9-301e-0015-29d8-ccd2b6000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160946Z-157bfc59976cxpwvd8havp2p3w0000000f9g000000004dbh
                                  x-fd-int-roxy-purgeid: 0
                                  X-Cache-Info: L1_T2
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:46 UTC15572INData Raw: 1f 8b 08 00 00 00 00 00 04 00 dd 7d 4d 73 23 47 b2 d8 dd bf 02 8b 75 ec 0c 9f 7a 20 7c f0 13 23 68 0c 02 e0 0c de 90 00 04 80 43 29 24 19 d1 04 8a 60 2f 81 6e bc ee c6 70 b8 d4 38 f6 e6 c3 3b f8 6a df 7c f0 c9 47 5f 7c f7 4f d9 88 e7 df e1 fc a8 aa ae ea 6e 00 e4 48 6f 77 9f 15 8a 21 ba eb 2b 2b 2b 2b 2b 33 2b 33 fb 77 37 6b 7f 1a 7b 81 ff 52 ec 3d aa df 85 e0 a5 bf f7 e8 dd bc f4 7e f4 7f de 0b 45 bc 0e fd 02 fe 2e 89 4f ab 20 8c a3 d7 1f dd b0 10 37 f0 55 e3 51 be ab 3f 7e 76 bc 59 dd 77 16 81 3b 13 b3 fa ef 2a 9f 5f cb a6 02 9b 4e dd c5 e2 65 ac 7a 70 62 27 f9 1d ec c1 03 37 6b fc ae 9c 14 7c c6 61 bc c6 a3 ee 28 28 2d 1b c2 09 4a d3 86 07 ff ae 1a c5 a2 13 bc 2c ef 7d 7e f9 63 32 0d 27 70 3c 00 fe 65 75 8f a0 f4 1b de cb 0a f4 0f 7f 0e f6 9c 10 fe 1c
                                  Data Ascii: }Ms#Guz |#hC)$`/np8;j|G_|OnHow!+++++3+3w7k{R=~E.O 7UQ?~vYw;*_Nezpb'7k|a((-J,}~c2'p<eu
                                  2024-07-03 16:09:46 UTC371INData Raw: cf d9 04 24 c4 bf 22 76 37 22 a6 50 fc fd 7f fa fd 05 e5 b0 44 76 31 39 1f c1 33 eb 4b 02 b6 ab 14 d4 39 32 13 4a 56 1c fc c5 5f d1 c2 9a 28 43 73 25 2a d7 0b 90 38 93 c8 2e 55 dc 98 5d 4d be 4c 0d 4d 5b 9a 53 8f 21 08 40 c7 43 99 67 93 76 19 ff 1c 5c b5 81 72 a0 0c b3 05 51 28 23 6b 64 8a fd 28 c6 89 5c 27 61 9d a3 3b 20 8b 0b 10 9f 9a 0b cf 8d 48 e9 58 5e a3 bd 86 5d 58 54 d0 62 ee 6b d9 0b a5 1a aa d7 d2 81 60 14 c8 97 db 0e c4 af 83 0d 05 57 62 31 85 63 8c bb a4 03 49 1a 71 59 8f 88 3d 11 31 1d 83 0e 45 8c 9d 94 2b fa 55 71 50 27 53 ac 85 ce 2e fc 18 e0 23 94 e3 11 81 41 c0 44 dd 64 f1 80 83 65 0a 38 e9 7c a4 8b 72 58 7f fa 35 51 bc 93 e3 6a 15 4d 20 db 9b 04 fe 79 e0 62 a0 13 88 b8 79 95 95 82 65 57 46 ab 1c 89 88 c0 cd fc f8 09 83 60 b6 3e 96 2e 40
                                  Data Ascii: $"v7"PDv193K92JV_(Cs%*8.U]MLM[S!@Cgv\rQ(#kd(\'a; HX^]XTbk`Wb1cIqY=1E+UqP'S.#ADde8|rX5QjM ybyeWF`>.@


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  10192.168.2.44937813.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:47 UTC577OUTGET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: */*
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: no-cors
                                  Sec-Fetch-Dest: script
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:47 UTC797INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:47 GMT
                                  Content-Type: application/x-javascript
                                  Content-Length: 61052
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Content-Encoding: gzip
                                  Last-Modified: Thu, 25 May 2023 17:22:47 GMT
                                  ETag: 0x8DB5D44A8CEE4F4
                                  x-ms-request-id: 16928549-601e-005c-548b-c572b4000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160947Z-157bfc59976wmxnhd3euvu5bkg0000000fb00000000013fx
                                  x-fd-int-roxy-purgeid: 4554691
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:47 UTC15587INData Raw: 1f 8b 08 00 00 00 00 00 04 00 cc bd 69 77 db 46 b2 30 fc fd fe 0a 0a 27 57 03 8c da 34 29 2f 71 48 23 bc b2 44 db 4c b4 45 4b 9c 8c ac d1 81 c8 96 04 9b 04 18 00 94 ac 91 f8 df 9f aa ea 1d 04 28 29 c9 7d ef 7b 12 8b 40 a3 7a af ae ae ae ae c5 bf 89 93 51 7a d3 2c f8 98 4f 78 91 dd 9e dd f0 f3 69 34 fc fa 53 9e 26 d3 70 e9 d7 fb fb 93 d3 a0 39 9d e5 57 fe c9 c9 fa 29 3b 61 8c 5d cc 92 61 11 a7 89 cf 59 c1 92 e0 ce 9b e5 bc 91 17 59 3c 2c bc 6e d2 cc fc 22 60 49 73 e4 17 cc fb 35 1a cf f8 cf 50 81 c7 7c 9d 2d b8 cb 78 31 cb 92 46 d6 e4 f3 40 c3 f6 af 79 52 6c 47 05 4f 86 b7 35 e0 51 19 7c 9f 67 79 9c 63 16 5e 93 e5 dc ca 72 94 45 43 be cd af f9 b8 06 78 64 01 6f 4c a7 83 24 8f 2f af 8a 7c 33 cd aa 8b 8f 9d 16 bd 8b 72 5e 0b 6a 17 7d d6 ff 06 4d 1e f1 d1 20
                                  Data Ascii: iwF0'W4)/qH#DLEK()}{@zQz,Oxi4S&p9W);a]aYY<,n"`Is5P|-x1F@yRlGO5Q|gyc^rECxdoL$/|3r^j}M
                                  2024-07-03 16:09:47 UTC16384INData Raw: 11 ba 78 22 35 03 45 5f ae b8 15 0a 6b 9f 0b 6f 06 46 14 14 a0 01 d4 75 81 77 09 f9 14 b6 80 d5 55 f7 1d da c5 86 b6 4e 3c e4 1f ba 37 9b b7 b5 c3 23 d4 c8 84 ec 45 b0 c9 37 15 f4 52 19 68 52 db 84 ba 3a 93 b3 c0 d0 32 cd 34 96 c5 e1 77 a8 86 82 5b a0 e4 0c 44 e8 9f fe b7 62 f3 e2 12 ef cd f4 45 86 1d 76 a9 ca dd 36 79 da 4e 84 b4 06 0b 02 f6 93 7c 32 6b 9e 1f 01 48 1d b9 b0 1d 0e 45 73 ff 0a 48 49 e1 df 50 90 3f 40 e9 4f 5c e1 0c 8a 9e 20 e1 3d f7 f7 d8 4d ad e8 59 f6 8d fc 90 12 fc 6f ee 36 ee 97 d9 84 b2 55 80 c3 3d dc ed cb 9b 20 58 b6 fb e2 12 a8 93 cc bb ce 09 d9 17 b7 1b 9e c3 3b 01 49 81 06 e2 8a cd c8 00 2b 23 63 ac 8c 91 a8 99 6f 92 81 56 7b 8e f7 8d b2 42 9c 4a 97 0c 0b bf 45 f5 d2 62 f4 5e b0 ec 3b b3 a4 63 b8 24 72 e0 05 15 1f 7d e2 3d 3f 37
                                  Data Ascii: x"5E_koFuwUN<7#E7RhR:24w[DbEv6yN|2kHEsHIP?@O\ =MYo6U= X;I+#coV{BJEb^;c$r}=?7
                                  2024-07-03 16:09:47 UTC16384INData Raw: 15 db ec c7 f1 16 6d 6f 68 90 c6 f2 9e eb 33 2a c7 18 89 31 56 eb 59 ec bb 71 89 7f aa 93 e3 73 84 51 29 6d 4a 14 bb 22 63 6f 55 2c 47 e7 05 5d 5b 13 bf a6 ac 26 93 2d 98 72 a5 b7 e5 5a dc 5a c8 41 d4 fd e4 3e 1d 71 da 8f 3c 15 aa a8 02 27 5f eb 0a 69 e7 9e 8a 73 ab 65 64 09 18 b0 07 f0 47 1a e5 af 1f a1 b3 aa 6f 4a be 45 d8 0b 7b 11 7c 72 79 14 0f bd 57 cd 6e 76 d1 ec b5 e1 b3 8d 9d 95 66 c2 ca 10 cd 0f a3 7c 90 c5 ac c9 5a ae fa 7f c2 e6 88 97 22 c9 e1 52 b2 22 5d 8a f0 0f 96 12 40 d3 a5 e8 7c be 94 98 1b 2d 25 d5 4c 26 46 3d 61 3a 5c 4a 00 f5 97 a2 e2 77 4b d1 f9 c9 52 72 ef 6a 29 b9 77 6c 21 fc db 40 f8 5d c6 fc 1b 37 be c9 6d fc 7a 4e 9b e8 e0 a1 68 5f 34 7d d6 b3 76 7a fe 9b e8 2e 1e 44 9c d8 a2 fa f9 8d 92 11 d2 4d a4 6e 0a 47 ef 48 fc 1c f5 39 69
                                  Data Ascii: moh3*1VYqsQ)mJ"coU,G][&-rZZA>q<'_isedGoJE{|ryWnvf|Z"R"]@|-%L&F=a:\JwKRrj)wl!@]7mzNh_4}vz.DMnGH9i
                                  2024-07-03 16:09:47 UTC12697INData Raw: 3a 78 d7 71 cb 0f 05 12 73 65 5f 43 ee b5 a6 0a 6e 83 08 03 ba f6 3a d7 c1 f5 6c 76 ab 4e 60 47 68 19 58 60 f5 1f 5e bb c3 54 de 2e 80 82 4f c9 76 ef a4 d4 b5 72 0a ee 68 55 55 91 83 40 67 5f dc f5 4a 1c f6 94 3e 3d 7d 79 a0 3e 39 55 07 e7 28 38 b8 38 65 d6 f5 5b 91 70 12 1c 69 47 2b 47 a6 a3 95 0e 6d 81 13 58 fc 26 42 bf 8e 1d ad 38 fe 3e ed 53 99 91 95 ee 68 64 66 52 9b 89 03 08 8d 1b 82 51 74 a5 1c f1 3a ed 15 45 74 3b 29 5e 35 bb d6 fb fa 7a db 7a 27 1a 93 ee 23 3d 44 bf 15 6d ad 43 c0 d2 64 91 ac 81 29 f3 92 ec 05 5f 59 d7 da da 65 be a6 3f da b7 38 0a be 24 da e8 8d 01 b8 41 ae b4 0b ff d2 ba a5 24 85 d5 3e 9e 97 b0 f2 d1 73 cf a0 45 b4 57 a1 27 69 f7 9e 79 d0 2d 71 2f 29 4f 51 86 ce 20 a4 8e 6f 80 45 9c a5 63 47 7c 28 33 2f 2a 99 bd c0 49 d2 0d 4e
                                  Data Ascii: :xqse_Cn:lvN`GhX`^T.OvrhUU@g_J>=}y>9U(88e[piG+GmX&B8>ShdfRQt:Et;)^5zz'#=DmCd)_Ye?8$A$>sEW'iy-q/)OQ oEcG|(3/*IN


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  11192.168.2.44937913.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:48 UTC649OUTGET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: no-cors
                                  Sec-Fetch-Dest: image
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:48 UTC744INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:48 GMT
                                  Content-Type: image/x-icon
                                  Content-Length: 17174
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Last-Modified: Sun, 18 Oct 2020 03:02:03 GMT
                                  ETag: 0x8D8731230C851A6
                                  x-ms-request-id: 24f04e50-201e-0064-087c-c50bb4000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160948Z-157bfc59976788djms3qunwv7s0000000f70000000003m8k
                                  x-fd-int-roxy-purgeid: 4554691
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:48 UTC15640INData Raw: 00 00 01 00 06 00 80 80 10 00 00 00 00 00 68 28 00 00 66 00 00 00 48 48 10 00 00 00 00 00 e8 0d 00 00 ce 28 00 00 30 30 10 00 00 00 00 00 68 06 00 00 b6 36 00 00 20 20 10 00 00 00 00 00 e8 02 00 00 1e 3d 00 00 18 18 10 00 00 00 00 00 e8 01 00 00 06 40 00 00 10 10 10 00 00 00 00 00 28 01 00 00 ee 41 00 00 28 00 00 00 80 00 00 00 00 01 00 00 01 00 04 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 ba 7f 00 22 50 f2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 20 00 00 03 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33
                                  Data Ascii: h(fHH(00h6 =@(A(("P"""""""""""""""""""""""""""""" 333333333333333
                                  2024-07-03 16:09:48 UTC1534INData Raw: 01 80 00 00 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 04 00 00 00 00 00 80 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 bc 7b 00 1f 4c f9 00 22 50 f2 00 f7 a6 00 00 00 ba 7f 00 f3 a6 00 00 1e 4e f6 00 23 4e f4 00 f3 a4 00 00 00 bc 7d 00 00 ba 7d 00 00 00 00 00 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22
                                  Data Ascii: ( @{L"PN#N}}"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  12192.168.2.44938013.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:48 UTC618OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: */*
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: no-cors
                                  Sec-Fetch-Dest: script
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:48 UTC813INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:48 GMT
                                  Content-Type: application/x-javascript
                                  Content-Length: 116351
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Content-Encoding: gzip
                                  Last-Modified: Thu, 20 Jun 2024 02:13:44 GMT
                                  ETag: 0x8DC90CE9C53BCDF
                                  x-ms-request-id: bb825904-d01e-0047-225b-cda80d000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160948Z-157bfc5997664n58z75k33ycmc0000000dc00000000068de
                                  x-fd-int-roxy-purgeid: 0
                                  X-Cache-Info: L1_T2
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:48 UTC15571INData Raw: 1f 8b 08 00 00 00 00 00 04 00 ec 7d 5b 5b db 48 b6 e8 fb fe 15 b6 a6 c7 2d c5 85 b1 0d 18 22 23 3c 24 21 3d cc 24 81 0d a4 7b 7a 88 87 4f d8 65 ac c4 96 3c ba 70 69 ec fd db cf 5a ab aa a4 92 2c 83 49 f7 3e e7 e1 4c 7f 1d ac 4b a9 ee b5 ee 97 cd 57 d5 ff aa bc aa 6c ac ff 5f e5 fc e2 f0 ec a2 72 f2 be 72 f1 d7 e3 b3 77 95 53 b8 fb b5 f2 e9 e4 e2 f8 ed d1 fa f5 60 a3 f8 ef 62 ec 45 95 91 37 e1 15 f8 bd 76 23 3e ac 04 7e 25 08 2b 9e 3f 08 c2 59 10 ba 31 8f 2a 53 f8 1b 7a ee a4 32 0a 83 69 25 1e f3 ca 2c 0c be f2 41 1c 55 26 5e 14 c3 47 d7 7c 12 dc 55 4c a8 2e 1c 56 4e dd 30 7e a8 1c 9f 5a 0d a8 9f 43 6d de 8d e7 c3 d7 83 60 f6 00 d7 e3 b8 e2 07 b1 37 e0 15 d7 1f 52 6d 13 b8 f1 23 5e 49 fc 21 0f 2b 77 63 6f 30 ae 7c f4 06 61 10 05 a3 b8 12 f2 01 f7 6e a1 91
                                  Data Ascii: }[[H-"#<$!=${zOe<piZ,I>LKWl_rrwS`bE7v#>~%+?Y1*Sz2i%,AU&^G|UL.VN0~ZCm`7Rm#^I!+wco0|an
                                  2024-07-03 16:09:48 UTC16384INData Raw: 4a f7 29 10 b3 29 ed a1 c8 21 31 6c a4 7c 24 0d a6 d1 11 fa 1c a5 01 0a 5b 94 cd 52 c6 46 74 d3 39 25 b9 7f 35 c7 69 98 e2 f0 39 e4 be 20 51 ac 5f 38 0d a8 6c 12 e7 d2 21 0f 8b f4 60 66 b7 1b e9 bd c8 3e aa 1a df 6f 23 91 ab ae b3 9d 12 39 6d 96 6c c2 1f 17 ff 84 f0 a7 c0 5e a6 92 85 16 39 27 8a c0 d7 0d cc 3c f7 f9 d8 8f 5b 9d 37 47 26 7f 15 59 0b da a9 34 ee 91 b3 21 1c 8d 3c 27 ec 7a fb 09 85 42 a7 64 03 31 f3 2c a8 05 6d ad 37 b0 ba 11 1c 07 6f 63 24 7a 2a 9e c0 44 8c 1c cf 62 f0 b8 de d2 4c a2 2b a3 57 11 6d f9 0d 34 46 c4 62 de 86 83 df 32 6c 2e b3 75 0e eb ee 41 22 9c 1f 37 5c 12 96 74 3d 74 72 f2 36 36 32 25 ee 04 55 af 63 78 3a de 77 bb 63 ad 77 75 24 b9 a9 7f 63 e8 d4 04 d1 8f c8 6e 8b c6 6a 59 7e 51 35 7b d9 54 5d 67 4c 6e e8 08 7d 24 9c 79 b4
                                  Data Ascii: J))!1l|$[RFt9%5i9 Q_8l!`f>o#9ml^9'<[7G&Y4!<'zBd1,m7oc$z*DbL+Wm4Fb2l.uA"7\t=tr662%Ucx:wcwu$cnjY~Q5{T]gLn}$y
                                  2024-07-03 16:09:48 UTC16384INData Raw: 6d fe 7b aa 2c c8 d9 8e 95 7a ea e1 13 d5 92 42 29 a9 34 69 99 56 a3 cd 69 83 c3 6f ad 0d 06 be 1e 18 2a 71 26 24 3e ca 17 6d 68 13 47 34 51 9e 15 8a ac 0d 12 91 55 d3 11 d8 16 bf a2 56 d7 7a 02 f4 82 62 f8 0d f6 31 ff 7e c3 f3 29 3c 6e 86 a6 1e 78 de 1c e6 34 a4 2d b4 eb 08 5b 68 28 e4 27 ff 14 b8 4b 44 60 66 73 00 6a 32 8a 42 93 09 7e 92 0c 7d 2c 7a 55 96 54 86 01 98 c3 99 9b 7c f3 13 c4 37 68 e6 ee ec ec e2 d1 80 1f 5b fb c8 d2 e2 69 d9 f1 c8 34 46 c5 28 ed 39 9f 3e 0d 60 1e eb 3f e7 9f f2 31 60 ab e1 a7 4f 98 a2 2f 76 eb 5e 30 f4 2d 71 81 4f 02 d6 0d 7a c7 ad a2 1f 70 b7 78 5c ea 75 2f ca 7c 67 ab b9 b5 d7 6c 3b ec 0a 9d b4 92 ae 33 2d e1 2e f5 9d cb 49 7a 11 4e 1c 36 48 a7 77 59 7c 39 2e 7c e7 e3 6d f8 6c 65 b3 d5 de 5e df 6c 6d 6e af bc 88 12 8c f1
                                  Data Ascii: m{,zB)4iVio*q&$>mhG4QUVzb1~)<nx4-[h('KD`fsj2B~},zUT|7h[i4F(9>`?1`O/v^0-qOzpx\u/|gl;3-.IzN6HwY|9.|mle^lmn
                                  2024-07-03 16:09:49 UTC16384INData Raw: d2 a6 93 a1 67 65 d3 68 89 fd 88 93 c7 73 8a d0 3c 68 c3 a2 85 cd 11 2c d5 a0 39 ea a4 87 79 47 79 d1 de 01 07 65 18 38 f6 72 b4 57 07 6e 6a dc 1d ba a5 7b 8d 57 c7 b5 e7 f9 f4 f3 2a b8 94 6d 5e 00 db 7c 75 78 d1 f1 80 31 e9 5d c0 37 48 fb ad c6 ee 94 5d b3 3b 34 7e c9 50 1b 7e 0d ff 18 41 2f fc f1 d7 db b6 a8 03 be 57 dd af a4 f1 42 ec c7 77 6c 93 e2 23 c5 ca d6 1f 51 5f d5 65 a2 ce d4 85 07 26 55 2b bd d9 0f 36 d9 2a a6 87 d9 14 ec 58 0d 62 d7 5e 64 c6 3a 90 b8 92 28 99 12 78 3d 8e 6e 85 d5 58 8e 05 53 e5 71 25 82 73 f5 fa 9d e9 21 d1 18 71 6f 28 41 e9 8e bb 64 19 96 fa c8 2b 66 1e 0a af 5d 20 3e bb 3d e8 00 b6 4d df c7 7f 3d 6d 64 60 4a 1c ee 05 21 e0 8f 5d bc fd 39 31 80 0f ed 2f de 78 ba 11 01 9e 38 af da a4 48 18 11 e1 d2 e2 b9 26 db 1b f0 d8 de 88
                                  Data Ascii: gehs<h,9yGye8rWnj{W*m^|ux1]7H];4~P~A/WBwl#Q_e&U+6*Xb^d:(x=nXSq%s!qo(Ad+f] >=M=md`J!]91/x8H&
                                  2024-07-03 16:09:49 UTC16384INData Raw: cf 07 d3 e4 36 c4 e8 63 95 8e 01 05 5d 5f a2 aa 8f ab 0e 2e e0 35 cb d3 9e 23 48 7c f4 9f 8d 9e 19 d1 ef 3e a0 21 c0 ce ce 9b e1 4b ff c2 fb 88 11 fb a2 8f 88 5f 3f 72 d2 9e 8f 9c 24 19 de 61 c5 e0 ee 0e ff 4c f8 cf 72 67 a7 fc e5 56 17 93 c7 22 1b be 7d 7a 77 77 5a 56 f5 f8 a7 2a 26 20 d0 d7 13 e4 78 4f 05 65 0e 7f 82 ee 9f 31 eb 7b 8b 75 3c 8b a4 11 96 f8 d7 71 12 a0 e7 22 ce ba 58 61 02 ad 50 e7 56 c7 91 24 3c a0 88 16 c6 bd f0 55 2f 22 66 2e 77 f3 f3 12 e8 37 ef c6 a7 86 43 80 56 14 17 ac 70 39 a1 b7 2b 14 4c fc b7 1d c2 a2 a9 6b f1 c6 c5 89 71 e2 81 73 3f 1c 94 e6 7c de ee a2 22 34 1b 38 e7 6d d8 0b 68 7e c5 26 d6 a1 6f bf 6e f9 37 8e 5e 6a f7 02 8e e1 64 9e 70 a8 52 d9 a3 2b d8 1f 5e 85 62 97 5a 5d dc 27 59 8f 0b 9a 6c ab b6 cb cf 9d d2 02 54 b7 02
                                  Data Ascii: 6c]_.5#H|>!K_?r$aLrgV"}zwwZV*& xOe1{u<q"XaPV$<U/"f.w7CVp9+Lkqs?|"48mh~&on7^jdpR+^bZ]'YlT
                                  2024-07-03 16:09:49 UTC16384INData Raw: 56 37 d3 aa 7d bb 91 f2 55 83 4e 6e 3f 66 0a 7e 92 35 70 7a 90 35 7a 7a f0 8d 53 40 6d 7c ff 79 e0 7d de 78 32 6a d5 43 3e b4 b7 56 10 ae bd 71 78 f5 ef 3f 08 6c f5 1b c7 90 5c d4 f5 06 f2 17 2d 49 d4 f4 e6 43 6a f0 6c f7 82 7c 08 24 f9 30 93 84 92 25 a8 86 17 c6 37 b6 32 44 b9 e9 b1 28 23 29 75 13 e6 1d 4e 44 53 05 9c a6 42 9f ef 52 74 c4 c9 8c ac 40 7b a1 89 05 1e d4 25 96 94 ac 97 9b 33 6e 07 b3 d5 11 28 e7 a0 1a e9 8e 1b 72 0e 4a 9b cc c1 3b 6b 9a 45 56 98 81 18 9f 8b 11 52 62 9f 7d 24 1c 75 e4 66 60 3c 86 11 0f 12 07 88 b4 48 89 95 37 02 09 66 6f 35 fa da 73 23 93 58 05 b8 51 61 5f 89 5c 38 8e 97 df e1 c1 b6 f9 27 eb 59 9f 4c 2b bb d0 11 a6 64 24 b3 02 f2 dc df e4 26 1a 0a b5 17 85 07 d9 a0 17 68 cc ca 77 73 3d 5b f1 49 00 e6 18 8f 68 05 24 97 aa 6d
                                  Data Ascii: V7}UNn?f~5pz5zzS@m|y}x2jC>Vqx?l\-ICjl|$0%72D(#)uNDSBRt@{%3n(rJ;kEVRb}$uf`<H7fo5s#XQa_\8'YL+d$&hws=[Ih$m
                                  2024-07-03 16:09:49 UTC16384INData Raw: fe ac 48 19 2b 8a 94 b1 92 b0 01 db 62 4d 80 99 2f da 77 b6 3f c7 11 6d b0 20 f4 4e 36 fc 78 52 c2 b7 99 01 db e6 9d af 1f 48 37 8b ba 14 7a 36 64 ec 9f 03 99 99 00 57 ad 27 05 72 83 e4 18 29 8b 44 f6 10 29 ab 44 24 31 6d 8d 91 95 41 6a 2c 03 08 d3 63 6c c9 10 f6 42 47 f7 da 41 2b 20 73 14 ad 6a 89 ed 1b 6d 84 d4 66 3e 8c fd ef 3c ae 65 f2 99 fd 8c 1c f9 b9 c5 67 bd 0c 4d 63 49 4d be 86 87 0e 8d 51 af 18 45 1c 8f fe 48 aa 21 35 8e 64 bc df f3 79 44 5f 94 7a 92 a7 11 dd 02 b4 e0 23 a1 ed f3 d0 09 fb a5 ca a6 db 9e bf 9e 39 eb 9e b2 49 d6 87 b2 38 c4 00 47 66 1b 80 5d 0d e3 4a 71 63 81 46 b6 db a5 b2 85 5d 19 2b 7b 6d df c9 d4 b4 b9 fd 0d 37 24 be f2 5f de 8f 51 d7 b9 01 c0 e6 fd a7 f7 fe cb 83 a8 a1 39 2f 76 e6 ad 15 84 5b 8c 01 5f fb 5f 1a c2 b6 6b 11 bd
                                  Data Ascii: H+bM/w?m N6xRH7z6dW'r)D)D$1mAj,clBGA+ sjmf><egMcIMQEH!5dyD_z#9I8Gf]JqcF]+{m7$_Q9/v[__k
                                  2024-07-03 16:09:49 UTC2476INData Raw: c2 9b 05 e6 87 c6 a4 02 8f 47 66 3a f9 c2 76 0c 4d de cb 47 19 e7 58 5f 9b d6 f4 28 9a 4a fc af ad af 4b 69 91 8f 8e 81 4b 89 40 a7 af 97 d3 e6 90 31 2e 27 06 be 55 2b a7 c1 41 79 3c 2e 27 8e 21 31 2f 27 4e 21 31 2d 27 4e 7c 20 b8 4b 69 33 1f 08 ec 52 da c8 07 02 bc 94 76 e3 03 31 5e 4a bb f4 81 da 28 a5 9d fb 40 e2 94 d2 2e 7c 20 8d 4a 69 67 be f5 a4 9c 76 85 0e ef 4a 69 d7 be f5 6d 39 ed 48 46 cb 1b 1f a7 35 eb 8b af 6d 67 bd 47 e1 f8 6e 17 e8 5e 61 df fc 5c a7 ef 5e ef 5b 99 e1 ee 78 dd ee fb c7 4f 1c c8 f9 c6 5f 6f 0d 8e 53 98 fc af ed 75 f8 bc ee be a0 78 82 18 17 70 3d 7a c0 f6 fa a3 7b ea 3e 77 0f dd b7 ee af ee 2b f7 9d 7b f0 3b 34 a2 6f 17 ee 4b 54 e2 cb 32 1d e4 de 7d ef 1f b4 a2 f3 18 78 be 17 1c 1b fa 3b ff a5 24 99 9e f9 6d f7 35 f2 59 df a3
                                  Data Ascii: Gf:vMGX_(JKiK@1.'U+Ay<.'!1/'N!1-'N| Ki3Rv1^J(@.| JigvJim9HF5mgGn^a\^[xO_oSuxp=z{>w+{;4oKT2}x;$m5Y


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  13192.168.2.44938113.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:49 UTC404OUTGET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  Accept: */*
                                  Sec-Fetch-Site: none
                                  Sec-Fetch-Mode: cors
                                  Sec-Fetch-Dest: empty
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:50 UTC744INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:49 GMT
                                  Content-Type: image/x-icon
                                  Content-Length: 17174
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Last-Modified: Sun, 18 Oct 2020 03:02:03 GMT
                                  ETag: 0x8D8731230C851A6
                                  x-ms-request-id: 24f04e50-201e-0064-087c-c50bb4000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160949Z-157bfc599769bbcfn5fpqda8ws0000000b7000000000dbsw
                                  x-fd-int-roxy-purgeid: 4554691
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:50 UTC15640INData Raw: 00 00 01 00 06 00 80 80 10 00 00 00 00 00 68 28 00 00 66 00 00 00 48 48 10 00 00 00 00 00 e8 0d 00 00 ce 28 00 00 30 30 10 00 00 00 00 00 68 06 00 00 b6 36 00 00 20 20 10 00 00 00 00 00 e8 02 00 00 1e 3d 00 00 18 18 10 00 00 00 00 00 e8 01 00 00 06 40 00 00 10 10 10 00 00 00 00 00 28 01 00 00 ee 41 00 00 28 00 00 00 80 00 00 00 00 01 00 00 01 00 04 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 ba 7f 00 22 50 f2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 20 00 00 03 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33
                                  Data Ascii: h(fHH(00h6 =@(A(("P"""""""""""""""""""""""""""""" 333333333333333
                                  2024-07-03 16:09:50 UTC1534INData Raw: 01 80 00 00 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 04 00 00 00 00 00 80 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 bc 7b 00 1f 4c f9 00 22 50 f2 00 f7 a6 00 00 00 ba 7f 00 f3 a6 00 00 1e 4e f6 00 23 4e f4 00 f3 a4 00 00 00 bc 7d 00 00 ba 7d 00 00 00 00 00 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22
                                  Data Ascii: ( @{L"PN#N}}"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  14192.168.2.44938413.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:50 UTC620OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: */*
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: no-cors
                                  Sec-Fetch-Dest: script
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:50 UTC797INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:50 GMT
                                  Content-Type: application/x-javascript
                                  Content-Length: 5531
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Content-Encoding: gzip
                                  Last-Modified: Thu, 20 Jun 2024 02:13:44 GMT
                                  ETag: 0x8DC90CE9C8E6126
                                  x-ms-request-id: 6e9f3493-b01e-0021-5263-cd5faf000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160950Z-157bfc59976x49h5y0c5nkcgkn0000000esg00000000c89w
                                  x-fd-int-roxy-purgeid: 4554691
                                  X-Cache: TCP_MISS
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:50 UTC5531INData Raw: 1f 8b 08 00 00 00 00 00 04 00 ad 5b 7d 77 9b 46 d6 ff 7f 3f 05 62 f7 28 b0 19 63 bb 69 9a 2e 2e f5 71 f4 92 a8 b5 63 af 25 b7 9b 4d 72 74 90 18 49 c4 08 28 83 6c ab 96 be fb f3 bb 33 20 90 84 64 a7 cf e6 24 c1 cc dc b9 73 e7 ce 7d bf f8 f0 9f b5 bf 69 ff d4 0e 9e ff 47 eb f6 ce ae 7b da 65 5b eb bd ef 5c 37 b5 2b bc 7d d4 3e 5c f6 3a 8d d6 f3 f1 d0 a6 f4 af 37 f1 85 36 f2 03 ae e1 39 70 05 f7 b4 28 d4 a2 44 f3 c3 61 94 c4 51 e2 a6 5c 68 53 fc 9f f8 6e a0 8d 92 68 aa a5 13 ae c5 49 f4 95 0f 53 a1 05 be 48 b1 68 c0 83 e8 5e 33 80 2e f1 b4 2b 37 49 e7 5a e7 ca b4 80 9f 03 9b 3f f6 43 ac 1e 46 f1 1c 3f 4f 52 2d 8c 52 7f c8 35 37 f4 24 b6 00 2f a1 e0 da 2c f4 78 a2 dd 4f fc e1 44 bb f0 87 49 24 a2 51 aa 25 7c c8 fd 3b 6c 22 66 18 5f df 82 69 6e c2 35 c1 53 6d
                                  Data Ascii: [}wF?b(ci..qc%MrtI(l3 d$s}iG{e[\7+}>\:769p(DaQ\hSnhISHh^3.+7IZ?CF?OR-R57$/,xODI$Q%|;l"f_in5Sm


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  15192.168.2.44938313.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:50 UTC668OUTGET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: no-cors
                                  Sec-Fetch-Dest: image
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:50 UTC740INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:50 GMT
                                  Content-Type: image/gif
                                  Content-Length: 2672
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Last-Modified: Wed, 24 May 2023 10:11:47 GMT
                                  ETag: 0x8DB5C3F48EC4154
                                  x-ms-request-id: ccfc872e-201e-0074-6ccc-c6bb96000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160950Z-157bfc59976jdgdjb79ffzmezw00000001zg00000000qcha
                                  x-fd-int-roxy-purgeid: 4554691
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:50 UTC2672INData Raw: 47 49 46 38 39 61 60 01 03 00 f0 00 00 ff ff ff 96 96 96 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 21 f9 04 09 05 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 36 84 1d a9 b7 07 ed 50 8a 6c d2 8b b3 de bc fb 0f 86 e2 48 96 e6 89 a2 0a 04 49 01 d6 3a 71 4a d7 f6 8d e7 fa ce 6b ab f5 00 ba 60 42 59 b1 87 4c 2a 97 cc 26 af 00 00 21 f9 04 09 05 00 00 00 2c 06 00 00 00 30 00 03 00 00 02 1a 8c 01 16 88 ca ec 1e 3c f2 a9 18 1b b5 5b e6 9a 5c 4b 38 6a e5 74 72 a9 67 14 00 21 f9 04 09 03 00 00 00 2c 07 00 00 00 33 00 03 00 00 02 1a 8c 81 16 c8 ca ef 5e 3b 12 2a 0a e2 5c 55 4b df 5d 5c 86 25 e5 56 99 63 aa 14 00 21 f9 04 09 05 00 00 00 2c 0a 00 00 00 37 00 03 00 00 02 1a 8c 81 60 91 b9 ed 0e 6c 6f c6 c5 ee ac 90 5b bf 61 19 02 2a 52 77 7e 69 18 14 00 21
                                  Data Ascii: GIF89a`!NETSCAPE2.0!,`6PlHI:qJk`BYL*&!,0<[\K8jtrg!,3^;*\UK]\%Vc!,7`lo[a*Rw~i!


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  16192.168.2.44938213.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:50 UTC662OUTGET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: no-cors
                                  Sec-Fetch-Dest: image
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:50 UTC740INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:50 GMT
                                  Content-Type: image/gif
                                  Content-Length: 3620
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Last-Modified: Wed, 24 May 2023 10:11:48 GMT
                                  ETag: 0x8DB5C3F4904824B
                                  x-ms-request-id: c75f1999-b01e-0049-1473-c6459c000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160950Z-157bfc59976f8smwu7npa5yb4w0000000c0g000000004svz
                                  x-fd-int-roxy-purgeid: 4554691
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:50 UTC3620INData Raw: 47 49 46 38 39 61 60 01 03 00 f0 00 00 00 00 00 69 69 69 21 f9 04 09 05 00 00 00 21 fe 26 45 64 69 74 65 64 20 77 69 74 68 20 65 7a 67 69 66 2e 63 6f 6d 20 6f 6e 6c 69 6e 65 20 47 49 46 20 6d 61 6b 65 72 00 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 36 84 1d a9 b7 07 ed 50 8a 6c d2 8b b3 de bc fb 0f 86 e2 48 96 e6 89 a2 0a 04 49 01 d6 3a 71 4a d7 f6 8d e7 fa ce 6b ab f5 00 ba 60 42 59 b1 87 4c 2a 97 cc 26 af 00 00 21 f9 04 09 05 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 39 84 1f 69 19 07 ec 96 8a b2 51 34 af de bc fb 0f 86 e2 48 96 e6 89 a6 6a 0a 3d 99 6b 39 2d 35 5f f5 8a e7 fa ce f7 fe 0f 8c b4 6a 37 98 a6 28 7b 05 97 cc a6 f3 09 d5 15 00 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 39 84 0f
                                  Data Ascii: GIF89a`iii!!&Edited with ezgif.com online GIF maker!NETSCAPE2.0,`6PlHI:qJk`BYL*&!,`9iQ4Hj=k9-5_j7({!,`9


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  17192.168.2.44938513.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:50 UTC423OUTGET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  Accept: */*
                                  Sec-Fetch-Site: none
                                  Sec-Fetch-Mode: cors
                                  Sec-Fetch-Dest: empty
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:51 UTC740INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:50 GMT
                                  Content-Type: image/gif
                                  Content-Length: 2672
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Last-Modified: Wed, 24 May 2023 10:11:47 GMT
                                  ETag: 0x8DB5C3F48EC4154
                                  x-ms-request-id: ccfc872e-201e-0074-6ccc-c6bb96000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160950Z-157bfc599762bp4g6vwuvcqvz00000000f1000000000nvvy
                                  x-fd-int-roxy-purgeid: 4554691
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:51 UTC2672INData Raw: 47 49 46 38 39 61 60 01 03 00 f0 00 00 ff ff ff 96 96 96 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 21 f9 04 09 05 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 36 84 1d a9 b7 07 ed 50 8a 6c d2 8b b3 de bc fb 0f 86 e2 48 96 e6 89 a2 0a 04 49 01 d6 3a 71 4a d7 f6 8d e7 fa ce 6b ab f5 00 ba 60 42 59 b1 87 4c 2a 97 cc 26 af 00 00 21 f9 04 09 05 00 00 00 2c 06 00 00 00 30 00 03 00 00 02 1a 8c 01 16 88 ca ec 1e 3c f2 a9 18 1b b5 5b e6 9a 5c 4b 38 6a e5 74 72 a9 67 14 00 21 f9 04 09 03 00 00 00 2c 07 00 00 00 33 00 03 00 00 02 1a 8c 81 16 c8 ca ef 5e 3b 12 2a 0a e2 5c 55 4b df 5d 5c 86 25 e5 56 99 63 aa 14 00 21 f9 04 09 05 00 00 00 2c 0a 00 00 00 37 00 03 00 00 02 1a 8c 81 60 91 b9 ed 0e 6c 6f c6 c5 ee ac 90 5b bf 61 19 02 2a 52 77 7e 69 18 14 00 21
                                  Data Ascii: GIF89a`!NETSCAPE2.0!,`6PlHI:qJk`BYL*&!,0<[\K8jtrg!,3^;*\UK]\%Vc!,7`lo[a*Rw~i!


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  18192.168.2.44938613.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:50 UTC417OUTGET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  Accept: */*
                                  Sec-Fetch-Site: none
                                  Sec-Fetch-Mode: cors
                                  Sec-Fetch-Dest: empty
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:51 UTC740INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:51 GMT
                                  Content-Type: image/gif
                                  Content-Length: 3620
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Last-Modified: Wed, 24 May 2023 10:11:48 GMT
                                  ETag: 0x8DB5C3F4904824B
                                  x-ms-request-id: c75f1999-b01e-0049-1473-c6459c000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160950Z-157bfc59976cs7dp68mf7de13s0000000etg000000004eed
                                  x-fd-int-roxy-purgeid: 4554691
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:51 UTC3620INData Raw: 47 49 46 38 39 61 60 01 03 00 f0 00 00 00 00 00 69 69 69 21 f9 04 09 05 00 00 00 21 fe 26 45 64 69 74 65 64 20 77 69 74 68 20 65 7a 67 69 66 2e 63 6f 6d 20 6f 6e 6c 69 6e 65 20 47 49 46 20 6d 61 6b 65 72 00 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 36 84 1d a9 b7 07 ed 50 8a 6c d2 8b b3 de bc fb 0f 86 e2 48 96 e6 89 a2 0a 04 49 01 d6 3a 71 4a d7 f6 8d e7 fa ce 6b ab f5 00 ba 60 42 59 b1 87 4c 2a 97 cc 26 af 00 00 21 f9 04 09 05 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 39 84 1f 69 19 07 ec 96 8a b2 51 34 af de bc fb 0f 86 e2 48 96 e6 89 a6 6a 0a 3d 99 6b 39 2d 35 5f f5 8a e7 fa ce f7 fe 0f 8c b4 6a 37 98 a6 28 7b 05 97 cc a6 f3 09 d5 15 00 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 39 84 0f
                                  Data Ascii: GIF89a`iii!!&Edited with ezgif.com online GIF maker!NETSCAPE2.0,`6PlHI:qJk`BYL*&!,`9iQ4Hj=k9-5_j7({!,`9


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  19192.168.2.449387152.199.21.1754434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:52 UTC701OUTGET /c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/illustration?ts=637486276470461863 HTTP/1.1
                                  Host: aadcdn.msauthimages.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: no-cors
                                  Sec-Fetch-Dest: image
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:52 UTC619INHTTP/1.1 200 OK
                                  Accept-Ranges: bytes
                                  Access-Control-Allow-Origin: *
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
                                  Age: 18105
                                  Cache-Control: public, max-age=86400
                                  Content-MD5: vvZINXhDVdlmlsRfbE0wlA==
                                  Content-Type: image/*
                                  Date: Wed, 03 Jul 2024 16:09:52 GMT
                                  Etag: 0x8D8CE6412525D94
                                  Last-Modified: Thu, 11 Feb 2021 08:07:27 GMT
                                  Server: ECAcc (lhc/791B)
                                  X-Cache: HIT
                                  x-ms-blob-type: BlockBlob
                                  x-ms-lease-status: unlocked
                                  x-ms-request-id: a8aa99a4-b01e-0059-0139-cd29b4000000
                                  x-ms-version: 2009-09-19
                                  Content-Length: 280036
                                  Connection: close
                                  2024-07-03 16:09:52 UTC16383INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 02 36 03 52 03 01 11 00 02 11 01 03 11 01 ff c4 00 1d 00 00 02 03 01 01 01 01 01 00 00 00 00 00 00 00 00 05 06 03 04 07 02 08 01 00 09 ff c4 00 44 10 00 02 01 02 05 03 02 05 02 04 03 08 02 01 02 07 01 02 03 04 11 00 05 12 21 31 06 13 41 22 51 07 14 32 61 71 23 81 15 42 91 a1
                                  Data Ascii: JFIFHHCC6RD!1A"Q2aq#B
                                  2024-07-03 16:09:52 UTC16383INData Raw: a9 89 2d ac df 7e 6f b8 b1 c1 e8 f9 5c 03 cd 8c aa bb 12 17 34 b9 5f 67 2a 8e 76 d1 08 94 b1 68 a5 7d d0 94 3b 0e 40 07 4d ad c9 18 19 75 e1 4a 92 bf 33 41 97 e6 ac ce 4d 3c 49 62 d0 84 0c c0 90 6e 8c dc f0 7d 85 86 e3 1c d1 70 42 93 6b 25 2c a6 b0 56 a5 74 f2 cf 4e f5 32 c2 82 38 53 52 b2 2f 6c aa b3 11 c1 b9 1b 0d 81 df 6b 61 b7 88 80 05 90 e5 59 6e a7 a7 ac ac 9d 69 b2 f9 29 61 9e a5 d6 5c c9 f4 c7 09 20 fa ae 4e f6 25 87 3b 83 6f 1c 50 53 74 5c c9 8c 29 95 26 4f 95 66 15 91 52 e5 d9 5d 01 5a e8 5e 43 a8 91 1d a2 24 92 58 5f d9 08 20 5b 91 be e3 04 a7 4c d5 71 d3 7b 7a e0 2b 00 5d 60 11 bc ea 8e a3 2a 69 9d a9 3b 66 48 a2 bd 33 0d 0e b1 d8 6f 7f 0d 62 4f fd b0 a9 63 98 ed 2f b1 0a 4d b6 44 a8 66 96 b7 24 3d b9 12 6a b6 90 08 d3 4d 84 96 be 95 1c db 6b
                                  Data Ascii: -~o\4_g*vh};@MuJ3AM<Ibn}pBk%,VtN28SR/lkaYni)a\ N%;oPSt\)&OfR]Z^C$X_ [Lq{z+]`*i;fH3obOc/MDf$=jMk
                                  2024-07-03 16:09:52 UTC16383INData Raw: 1b 58 ef 7e 6b 32 ce eb 57 33 78 e8 e9 f5 7c b5 3b 10 8a 5b 51 37 fb d8 61 d6 b6 2f ba d8 76 96 61 77 97 a9 4e c7 71 03 46 24 0c 2f 73 6b 11 7e 3d f6 c1 61 27 50 cc c6 56 ff 00 49 9e d3 53 e5 2f 99 49 53 13 40 02 be 99 1c fa 43 6c 35 0b 7b ff 00 ef 38 c1 34 1d af 4c 24 98 f9 ce 61 62 ff 00 10 7a b2 9f ae 33 08 63 a4 a5 58 e6 57 d0 b2 b1 0a f2 12 78 b0 f4 8d cf 24 e3 4e 8d 23 48 19 2b 4d 92 c6 cb b0 af 74 d7 47 40 b9 63 69 cb e2 cc b3 48 e5 09 56 95 04 e9 a6 0d 70 05 81 f0 37 d4 2f fe 58 0d 4a b0 6e 60 6d d5 54 bc 92 63 d4 75 0a 1e b5 e8 7a 7c 8f 2a a5 a9 8e ae 5a 8a e9 a5 d0 c9 26 90 0a db ea 45 e4 8e 3c ed 8b d0 ac ea ef 2d 8b 23 34 d8 ca 0f 4b 51 4d 96 34 55 11 ce 63 78 b4 33 78 21 ff 00 98 01 e7 1a 81 ad ff 00 d2 59 ec 73 c1 6b 86 56 9b d3 7f 11 68 ba
                                  Data Ascii: X~k2W3x|;[Q7a/vawNqF$/sk~=a'PVIS/IS@Cl5{84L$abz3cXWx$N#H+MtG@ciHVp7/XJn`mTcuz|*Z&E<-#4KQM4Ucx3x!YskVh
                                  2024-07-03 16:09:52 UTC3INData Raw: 15 c9 6b
                                  Data Ascii: k
                                  2024-07-03 16:09:52 UTC16383INData Raw: a0 ca 0f 98 25 3d 11 96 28 59 c6 b3 a5 13 e9 28 db ff 00 2d c9 da d6 b8 bf df 1c d2 5f 12 a8 e2 06 ca 2c 87 29 7c c7 35 8e 9a 02 b2 5e 40 03 46 4a 86 6e 2d ed e4 ff 00 6c 1e a3 f4 b6 40 40 8f 32 d2 62 ca 8d 35 65 38 8a 45 49 13 48 d4 c0 00 5a e4 0b 1d c0 17 1c f8 b6 16 a2 4b dd e6 c2 a3 c4 9f 29 5b cf c2 ce 8c cb 5a ac d7 67 f9 55 7d 76 49 59 23 2d 36 6f 4d 1b 47 76 45 d4 65 50 86 f6 d4 0d ed c6 e4 8c 6a 70 f4 da e7 5e c3 6d 82 d3 a0 cd f4 c8 d9 03 ea 3e 92 97 28 ad 92 4c b1 e4 96 82 a6 56 74 13 82 24 84 eb d4 be a3 fc a6 db 1b 5f 73 7b 58 e3 53 87 69 a5 e5 06 51 03 05 33 e5 c2 7c e9 6e bc ab 93 a7 e7 5a a8 9e 8e 2a 30 d1 4f 2b 7a 59 0b 35 d4 06 53 7d 64 5f 80 78 b0 e3 0f 90 0e 11 85 b2 b6 5e 92 ea 75 96 9e 9a 39 26 95 6a a3 a2 d5 30 31 9d 17 04 05 2a 48
                                  Data Ascii: %=(Y(-_,)|5^@FJn-l@@2b5e8EIHZK)[ZgU}vIY#-6oMGvEePjp^m>(LVt$_s{XSiQ3|nZ*0O+zY5S}d_x^u9&j01*H
                                  2024-07-03 16:09:52 UTC16383INData Raw: b1 d0 65 a9 0a fa 6f b5 c6 9d 8f db 03 2d 6f ff 00 62 9b 34 5e 0c 09 f9 7e 52 b4 72 30 37 50 09 bd ce 3d 41 04 dd 79 c7 b0 44 3b 92 f9 ea 0f 7d 16 04 fb ed f8 18 98 85 3e 5d 31 37 0b b4 8c c6 f6 29 61 cd c8 e3 1c d2 66 10 cb 83 c6 54 ed 13 53 12 0a fa 36 37 23 9c 54 b4 83 05 2c 1c 2a 5e 6f 75 d8 80 c7 3b 44 6e 09 e4 5b 8b e3 a0 1b 15 05 fa 99 af 92 85 e9 f4 39 de c5 81 fd bd b1 56 c8 46 15 65 be 8a 09 22 25 ec e3 46 95 be fe 71 7b 91 29 96 3c 06 cb 6f 2b e4 44 05 52 4f 37 d5 ef 8a ae a8 0c 90 02 97 e5 76 0f aa d7 17 03 9b ed 88 94 1f 1a c5 90 a4 a1 55 d4 58 a9 56 1e a0 4f 9c 49 08 7c 41 30 00 32 14 65 42 3c a1 80 56 65 3a 49 f7 f1 88 37 88 44 99 0d 22 f0 42 fc 05 e5 0d a1 9d af 60 c0 6d c7 23 12 d1 b2 99 f2 69 98 1c bf 28 ad 1a 48 92 c1 58 91 2b a2 48 37
                                  Data Ascii: eo-ob4^~Rr07P=AyD;}>]17)afTS67#T,*^ou;Dn[9VFe"%Fq{)<o+DRO7vUXVOI|A02eB<Ve:I7D"B`m#i(HX+H7
                                  2024-07-03 16:09:52 UTC16383INData Raw: b8 bd ec a4 9b 03 fd 37 18 67 53 e9 ea 75 27 4c fe 90 b4 02 09 77 7d 16 65 d4 59 76 63 d2 9d 79 25 64 86 8e 86 93 36 91 14 0a 48 94 89 8a 31 d2 0b 7f 2b b2 dc ec 07 07 ce 36 b8 67 d3 ad 43 45 c9 6f 3d a4 7d 02 53 8b 64 81 50 0d a3 bf a7 c1 39 e6 d5 f4 51 54 8a ca 6f 96 86 9e 78 c8 9e 79 8d a9 dd 46 ed 70 0e e4 dd b5 1e 6f 6e 3c f5 29 34 cd 32 26 31 df d1 26 0c 8b 8b f7 d9 e8 86 64 59 ac 50 e6 93 25 4d 45 26 69 4d 38 f5 d1 c5 29 93 b0 c0 6a da ec 07 86 3c 9f 00 ef 82 56 d6 69 80 06 92 dd f0 ad 11 04 6f f7 fc fc 91 5a 8c f8 45 4f f3 0c 3b 71 47 2b 94 91 6d 31 92 12 4d 88 0b 7b 00 b7 d8 de db d8 62 a1 e0 91 26 4c 5e 6c bb 4e a7 69 1e dd fa af 92 7c 45 cb a3 9e 03 47 97 c7 57 40 c8 c6 58 ea a5 2c 64 22 e7 d0 77 0c 35 15 3c db 4e db 5f 05 a5 44 5d f5 b6 c7 e7
                                  Data Ascii: 7gSu'Lw}eYvcy%d6H1+6gCEo=}SdP9QToxyFpon<)42&1&dYP%ME&iM8)j<VioZEO;qG+m1M{b&L^lNi|EGW@X,d"w5<N_D]
                                  2024-07-03 16:09:52 UTC16383INData Raw: 89 41 3e 9e de e4 1b fa 8d ad 71 fb 8c 07 85 6b 5e e3 aa ff 00 59 ea ba 91 80 47 3e e5 2c e4 1d 39 35 55 05 6d 65 74 4e 2b a2 a8 57 0e c8 a1 c5 88 e6 e2 de 6e 54 ee 76 3b 71 87 aa d5 0d 2d 6b 70 52 95 bc cf 74 e2 3b ef d9 59 cd fa 4e 8b 3a 91 a4 11 0a cc d8 83 33 16 91 56 32 bc 15 05 46 c4 1e 07 f7 c0 59 54 d3 03 66 e1 43 5e ec 13 9f b2 15 4b d3 55 b4 99 9d 24 a8 af 4d 2c 4a 13 f5 d5 81 90 12 09 51 bd 8f df c7 38 69 d5 98 e6 93 32 0a 11 32 dd 27 d7 d1 3a d4 51 55 ca 74 9a 86 a6 ec b0 62 f1 d3 87 79 05 b6 45 d3 bd bc 13 ed 8c d0 5a 2e 44 fb fd 51 8e ed 09 5b ac ea e0 a3 e9 19 8d 3d 35 65 2d 26 a0 69 5a 65 d2 7b d7 b1 da d7 04 ee 6f 7d ae 30 cd 30 e3 54 49 04 fd 91 68 ff 00 22 3e 3e a8 17 46 52 66 b4 b4 02 b6 ae a6 3a 4a 68 19 de 24 ab 72 8b 24 a7 c5 cf f3
                                  Data Ascii: A>qk^YG>,95UmetN+WnTv;q-kpRt;YN:3V2FYTfC^KU$M,JQ8i22':QUtbyEZ.DQ[=5e-&iZe{o}00TIh">>FRf:Jh$r$
                                  2024-07-03 16:09:52 UTC16383INData Raw: fa 46 f6 b6 20 f1 1e 7f 09 c2 f1 f3 e4 8d 53 87 15 9a 5d 45 d8 c4 f4 dd 33 52 c9 95 ad 34 21 6b 24 2a 10 00 7b 04 6d 6f c6 16 2c aa 4c c7 cd 65 9e 16 a1 d9 26 3c 0b db ef 2e df e2 38 f5 8d 5e 6d b5 0c f8 6e f6 51 69 60 5b 40 27 fc 36 c4 99 46 0e 69 8d 5e ea 57 8d 02 c7 63 72 47 af fe 9f b7 e7 13 a6 0a 10 2e 04 fc 95 77 8c ab b1 02 f6 e2 f8 b5 e2 53 61 e0 b4 05 fa 35 0b b5 cd c8 df 6f 3e d8 eb ec b9 ee 26 ff 00 05 66 0d 29 2a af a5 5c dc 36 bf e5 fc e2 08 70 30 52 75 03 8b 4b b6 fa ae de a2 6b ab db 5d b6 d6 fb ea 03 c1 fe 98 a9 76 ee 55 14 d9 70 4c 7a 75 52 d4 4e d5 2f 1e bd 94 ee 58 8d ff 00 f3 6c 73 6f 30 83 4d 82 98 31 95 cc ca 11 91 a3 94 39 b6 f6 dc 5c 9f 07 f1 8a 82 46 55 9a 64 16 b8 76 17 32 6e 09 31 f6 da d7 b9 36 fe c7 17 68 23 75 2d b1 89 95 1d
                                  Data Ascii: F S]E3R4!k$*{mo,Le&<.8^mnQi`[@'6Fi^WcrG.wSa5o>&f)*\6p0RuKk]vUpLzuRN/Xlso0M19\FUdv2n16h#u-
                                  2024-07-03 16:09:52 UTC16383INData Raw: ed 61 be df 6c 50 89 4d 83 a8 eb da ea b4 d1 bc 45 d0 5f 91 e9 e4 1b e0 72 98 63 83 a0 95 60 97 ec 85 a8 8e 70 04 60 47 be da 49 bf 07 c7 3f d6 f8 b2 15 b5 4d 32 33 7f 55 62 08 e2 a6 92 44 15 22 38 88 22 f6 d4 af b7 16 f0 7e ff 00 6c 48 4b bd ce a8 03 8b 64 fc 21 5d a6 ac 54 68 dd 96 23 68 ca 94 d3 a4 13 e4 fe 71 71 7b 25 1f 4e 64 09 cf 7e ca ad fb fa 83 2e f6 04 15 db 7b 60 e1 87 64 db 69 3e c5 aa 29 d0 c3 a6 c6 d7 f6 f7 c5 9c dd 28 ef a6 19 d5 5d a5 91 9f 49 2e 05 bc 81 b1 c3 0d 24 e5 46 9d 4d 04 05 ab 7c 33 e9 f8 7a ac 48 f0 a5 22 c7 1b f6 2a 23 48 0b 34 4a 50 85 91 59 ae 35 6a df 6b 71 e0 63 3f 89 aa 29 95 a1 47 85 2f 73 5d 02 2f 3c d6 a9 f0 e7 a2 66 c8 52 af e4 a7 a6 ee aa c7 0c 79 95 3c 23 bc 92 a3 7e aa 30 25 b6 36 00 f1 7d ec 71 95 55 ed 2e 97 0f
                                  Data Ascii: alPME_rc`p`GI?M23UbD"8"~lHKd!]Th#hqq{%Nd~.{`di>)(]I.$FM|3zH"*#H4JPY5jkqc?)G/s]/<fRy<#~0%6}qU.


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  20192.168.2.449388152.199.21.1754434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:52 UTC699OUTGET /c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/bannerlogo?ts=638243219943629081 HTTP/1.1
                                  Host: aadcdn.msauthimages.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: no-cors
                                  Sec-Fetch-Dest: image
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:52 UTC617INHTTP/1.1 200 OK
                                  Accept-Ranges: bytes
                                  Access-Control-Allow-Origin: *
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
                                  Age: 18105
                                  Cache-Control: public, max-age=86400
                                  Content-MD5: NNG+NLqFdvh/wk5NYOga2A==
                                  Content-Type: image/*
                                  Date: Wed, 03 Jul 2024 16:09:52 GMT
                                  Etag: 0x8DB7ED3B51BA527
                                  Last-Modified: Fri, 07 Jul 2023 10:19:54 GMT
                                  Server: ECAcc (lhc/7936)
                                  X-Cache: HIT
                                  x-ms-blob-type: BlockBlob
                                  x-ms-lease-status: unlocked
                                  x-ms-request-id: 164c014b-101e-001b-4439-cd02a0000000
                                  x-ms-version: 2009-09-19
                                  Content-Length: 6877
                                  Connection: close
                                  2024-07-03 16:09:52 UTC6877INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff e1 00 22 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 01 01 12 00 03 00 00 00 01 00 01 00 00 00 00 00 00 ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08 00 3c 00 b8 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03
                                  Data Ascii: JFIF``"ExifMM*CC<"


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  21192.168.2.44939513.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:54 UTC624OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: */*
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: no-cors
                                  Sec-Fetch-Dest: script
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:54 UTC812INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:54 GMT
                                  Content-Type: application/x-javascript
                                  Content-Length: 35167
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Content-Encoding: gzip
                                  Last-Modified: Thu, 20 Jun 2024 02:13:45 GMT
                                  ETag: 0x8DC90CE9CFCD37E
                                  x-ms-request-id: 85cf52ce-801e-003a-4f59-cdca9a000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160954Z-157bfc59976d2vnn3t284pk5sn0000000f3000000000ff41
                                  x-fd-int-roxy-purgeid: 0
                                  X-Cache-Info: L1_T2
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:54 UTC15572INData Raw: 1f 8b 08 00 00 00 00 00 04 00 c4 bd 6b 43 db 48 b2 30 fc fd f9 15 e0 9d 65 ac b5 00 df 30 18 70 58 06 92 49 76 33 93 9c 5c 66 cf 2e 30 59 59 96 6d 0d b2 65 24 99 4b 02 cf 6f 7f eb d2 97 6a c9 90 cc 9c 67 df 33 e7 6c 70 57 df aa ab ab ab ab aa ab 5b db 7f 59 ff 3f 6b 7f 59 db fc f6 ff d6 de 7f 38 7e f7 61 ed cd 8b b5 0f 2f 5f bd 3b 5d 7b 0b a9 7f ae fd fc e6 c3 ab 93 e7 df de 0e 76 8a ff fb 30 8d f3 b5 71 9c 44 6b f0 77 18 e4 d1 68 2d 9d af a5 d9 5a 3c 0f d3 6c 91 66 41 11 e5 6b 33 f8 37 8b 83 64 6d 9c a5 b3 b5 62 1a ad 2d b2 f4 b7 28 2c f2 b5 24 ce 0b a8 34 8c 92 f4 66 ad 0e cd 65 a3 b5 b7 41 56 dc ad bd 7a eb 6d 41 fb 11 b4 16 4f e2 39 d4 0e d3 c5 1d fc 9e 16 6b f3 b4 88 c3 68 2d 98 8f a8 b5 04 12 f3 3c 5a 5b ce 47 51 b6 76 33 8d c3 e9 da 4f 71 98 a5 79
                                  Data Ascii: kCH0e0pXIv3\f.0YYme$Kojg3lpW[Y?kY8~a/_;]{v0qDkwh-Z<lfAk37dmb-(,$4feAVzmAO9kh-<Z[GQv3Oqy
                                  2024-07-03 16:09:54 UTC16384INData Raw: 76 9b 2f e0 df bd e7 ed f3 65 6b af f9 9c 1c 62 3f 6c d2 9f 17 f8 6f fb 98 12 6d ca e9 35 29 c1 8f fd f5 7a 9c 80 62 2f 9e bf c0 7f 5f bc e8 6f d2 9f 1f 2e ee cf 97 a7 60 28 9c c1 9f 93 1f 4e f1 df 93 53 06 b6 5f 10 f0 18 9b 82 3f 1d 86 76 a8 e8 e9 6e 67 93 fe 1c 13 f4 87 6e 93 ca 36 5b f8 6f 9b 6b ec be b8 d8 a6 51 b7 be 46 54 9a 87 d7 f1 fc f2 75 30 8c 12 a6 23 6e 83 36 e3 34 ca 8b 78 4e 8f 36 70 76 c7 c9 fe 10 17 49 c4 19 5d a6 74 fb f7 1b 06 d6 3f 68 0c 77 dc a3 42 52 c6 f3 9f 82 5b 50 f6 e8 27 89 62 fa 35 40 0b 7d 3e 68 1d 50 ea 30 3c 20 36 ec 77 40 f6 83 82 01 ec 9d 85 52 ae 52 29 dc ca d0 7b b8 b9 39 f7 be e0 f6 ae 24 18 54 8c b9 7d 60 f1 d9 08 64 02 be 87 b0 95 5f c6 8b 0f e9 65 84 cb cd ef e3 6e 97 7a 54 74 c0 85 37 5b de bc d1 30 9e af cc b0 3c
                                  Data Ascii: v/ekb?lom5)zb/_o.`(NS_?vngn6[okQFTu0#n64xN6pvI]t?hwBR[P'b5@}>hP0< 6w@RR){9$T}`d_enzTt7[0<
                                  2024-07-03 16:09:54 UTC3211INData Raw: e1 ed ea b0 ac 92 82 75 2f 8b 2a 05 14 34 fd 1a c5 36 65 24 65 6c 49 0f fb f5 ae 8b 39 af bd 9d 61 77 65 05 ed d7 d3 02 8f 2a 24 e3 8c 33 d4 2e a8 2b 10 7f 09 1e df 70 01 67 5d 99 df 6e 0c fb 5e e1 91 97 41 8b 0c a8 c9 fe 8d cc 73 b7 53 8e e9 3a 34 77 9e 45 2b ef ec 74 19 f0 8d b3 7c 3e 09 f6 86 8c 6d f3 96 3d 09 ef 1d 6d 76 3c 76 22 86 62 6a d5 37 94 37 b1 1e 4d a8 9b 88 ca 1e 85 6f f4 5e e4 95 d5 e6 da 28 20 28 55 1f c5 39 1a 50 e3 2f d5 e6 b5 5e 6b 54 aa 15 a6 83 10 c2 eb d5 56 83 85 d7 6b c5 62 03 c3 e9 65 f8 5c 67 bf 17 78 27 80 5f d5 48 08 cb 5c a4 8c 4d f4 97 48 27 af 88 28 55 29 a6 52 0a 92 96 ca 0d 0a 2a d5 5a 2a 1a 18 32 bb a5 12 da f3 28 a9 ec 5f 4c 35 06 59 7d a3 e2 c4 db 35 55 20 1b 79 a9 46 cd 75 2e 7b 9d e6 2f e7 66 d0 3b 69 f7 2b d8 ee c7
                                  Data Ascii: u/*46e$elI9awe*$3.+pg]n^AsS:4wE+t|>m=mv<v"bj77Mo^( (U9P/^kTVkbe\gx'_H\MH'(U)R*Z*2(_L5Y}5U yFu.{/f;i+


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  22192.168.2.44939413.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:54 UTC663OUTGET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                  sec-ch-ua-mobile: ?0
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                  Sec-Fetch-Site: cross-site
                                  Sec-Fetch-Mode: no-cors
                                  Sec-Fetch-Dest: image
                                  Referer: https://login.microsoftonline.com/
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:54 UTC784INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:54 GMT
                                  Content-Type: image/svg+xml
                                  Content-Length: 621
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Content-Encoding: gzip
                                  Last-Modified: Wed, 24 May 2023 10:11:49 GMT
                                  ETag: 0x8DB5C3F49ED96E0
                                  x-ms-request-id: 4ced282f-f01e-004d-6996-c5e994000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160954Z-157bfc59976pjpd267bfvppp200000000f5g00000000ez5h
                                  x-fd-int-roxy-purgeid: 4554691
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:54 UTC621INData Raw: 1f 8b 08 00 00 00 00 00 04 00 7d 55 4d 6f 22 31 0c fd 2b a3 d9 ab 93 c9 f7 47 3b 20 cd 9e 38 6c af 1c b8 4d 0b 05 24 0a 55 19 41 57 ab fe f7 b5 93 a0 55 61 58 0d d8 60 27 ef 3d db 09 b4 c7 d3 ba fa 7c db ed 8f 93 7a 33 0c ef 0f 4d 73 3e 9f f9 59 f3 c3 c7 ba 51 42 88 06 57 d4 d5 79 bb 1c 36 93 da 84 ba da ac b6 eb cd 90 3f 9f b6 ab f3 cf c3 e7 a4 16 95 a8 4c c0 57 3d 6d 97 ab d7 e3 b4 3d 0e bf 77 ab 29 ef ff bc 6e 77 bb 87 fd 61 bf 7a fc e2 cf f9 db 0f 23 e8 79 fc 6a 9b bc ac 6d f2 a6 8f d5 cb 50 bd ec fa 23 ca e9 ef b1 36 d3 f6 bd 1f 36 97 75 cf 75 b5 9c d4 4f 46 80 56 dc fa 30 37 62 a6 d5 5c bb 99 0a 73 ad 66 ca cc 55 e0 de b9 4e 0a ee 42 84 e2 04 3e 12 64 04 2d 7a 0c a5 78 89 32 cb ad f1 4c 72 0b 52 72 29 dc c5 e5 ac e2 4a 46 cc 7a 19 3b 4c 68 af a1 b8
                                  Data Ascii: }UMo"1+G; 8lM$UAWUaX`'=|z3Ms>YQBWy6?LW=m=w)nwaz#yjmP#66uuOFV07b\sfUNB>d-zx2LrRr)JFz;Lh


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  23192.168.2.449398152.199.21.1754434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:55 UTC456OUTGET /c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/illustration?ts=637486276470461863 HTTP/1.1
                                  Host: aadcdn.msauthimages.net
                                  Connection: keep-alive
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  Accept: */*
                                  Sec-Fetch-Site: none
                                  Sec-Fetch-Mode: cors
                                  Sec-Fetch-Dest: empty
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:55 UTC619INHTTP/1.1 200 OK
                                  Accept-Ranges: bytes
                                  Access-Control-Allow-Origin: *
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
                                  Age: 18108
                                  Cache-Control: public, max-age=86400
                                  Content-MD5: vvZINXhDVdlmlsRfbE0wlA==
                                  Content-Type: image/*
                                  Date: Wed, 03 Jul 2024 16:09:55 GMT
                                  Etag: 0x8D8CE6412525D94
                                  Last-Modified: Thu, 11 Feb 2021 08:07:27 GMT
                                  Server: ECAcc (lhc/791B)
                                  X-Cache: HIT
                                  x-ms-blob-type: BlockBlob
                                  x-ms-lease-status: unlocked
                                  x-ms-request-id: a8aa99a4-b01e-0059-0139-cd29b4000000
                                  x-ms-version: 2009-09-19
                                  Content-Length: 280036
                                  Connection: close
                                  2024-07-03 16:09:55 UTC16383INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 02 36 03 52 03 01 11 00 02 11 01 03 11 01 ff c4 00 1d 00 00 02 03 01 01 01 01 01 00 00 00 00 00 00 00 00 05 06 03 04 07 02 08 01 00 09 ff c4 00 44 10 00 02 01 02 05 03 02 05 02 04 03 08 02 01 02 07 01 02 03 04 11 00 05 12 21 31 06 13 41 22 51 07 14 32 61 71 23 81 15 42 91 a1
                                  Data Ascii: JFIFHHCC6RD!1A"Q2aq#B
                                  2024-07-03 16:09:55 UTC16383INData Raw: a9 89 2d ac df 7e 6f b8 b1 c1 e8 f9 5c 03 cd 8c aa bb 12 17 34 b9 5f 67 2a 8e 76 d1 08 94 b1 68 a5 7d d0 94 3b 0e 40 07 4d ad c9 18 19 75 e1 4a 92 bf 33 41 97 e6 ac ce 4d 3c 49 62 d0 84 0c c0 90 6e 8c dc f0 7d 85 86 e3 1c d1 70 42 93 6b 25 2c a6 b0 56 a5 74 f2 cf 4e f5 32 c2 82 38 53 52 b2 2f 6c aa b3 11 c1 b9 1b 0d 81 df 6b 61 b7 88 80 05 90 e5 59 6e a7 a7 ac ac 9d 69 b2 f9 29 61 9e a5 d6 5c c9 f4 c7 09 20 fa ae 4e f6 25 87 3b 83 6f 1c 50 53 74 5c c9 8c 29 95 26 4f 95 66 15 91 52 e5 d9 5d 01 5a e8 5e 43 a8 91 1d a2 24 92 58 5f d9 08 20 5b 91 be e3 04 a7 4c d5 71 d3 7b 7a e0 2b 00 5d 60 11 bc ea 8e a3 2a 69 9d a9 3b 66 48 a2 bd 33 0d 0e b1 d8 6f 7f 0d 62 4f fd b0 a9 63 98 ed 2f b1 0a 4d b6 44 a8 66 96 b7 24 3d b9 12 6a b6 90 08 d3 4d 84 96 be 95 1c db 6b
                                  Data Ascii: -~o\4_g*vh};@MuJ3AM<Ibn}pBk%,VtN28SR/lkaYni)a\ N%;oPSt\)&OfR]Z^C$X_ [Lq{z+]`*i;fH3obOc/MDf$=jMk
                                  2024-07-03 16:09:55 UTC16383INData Raw: 1b 58 ef 7e 6b 32 ce eb 57 33 78 e8 e9 f5 7c b5 3b 10 8a 5b 51 37 fb d8 61 d6 b6 2f ba d8 76 96 61 77 97 a9 4e c7 71 03 46 24 0c 2f 73 6b 11 7e 3d f6 c1 61 27 50 cc c6 56 ff 00 49 9e d3 53 e5 2f 99 49 53 13 40 02 be 99 1c fa 43 6c 35 0b 7b ff 00 ef 38 c1 34 1d af 4c 24 98 f9 ce 61 62 ff 00 10 7a b2 9f ae 33 08 63 a4 a5 58 e6 57 d0 b2 b1 0a f2 12 78 b0 f4 8d cf 24 e3 4e 8d 23 48 19 2b 4d 92 c6 cb b0 af 74 d7 47 40 b9 63 69 cb e2 cc b3 48 e5 09 56 95 04 e9 a6 0d 70 05 81 f0 37 d4 2f fe 58 0d 4a b0 6e 60 6d d5 54 bc 92 63 d4 75 0a 1e b5 e8 7a 7c 8f 2a a5 a9 8e ae 5a 8a e9 a5 d0 c9 26 90 0a db ea 45 e4 8e 3c ed 8b d0 ac ea ef 2d 8b 23 34 d8 ca 0f 4b 51 4d 96 34 55 11 ce 63 78 b4 33 78 21 ff 00 98 01 e7 1a 81 ad ff 00 d2 59 ec 73 c1 6b 86 56 9b d3 7f 11 68 ba
                                  Data Ascii: X~k2W3x|;[Q7a/vawNqF$/sk~=a'PVIS/IS@Cl5{84L$abz3cXWx$N#H+MtG@ciHVp7/XJn`mTcuz|*Z&E<-#4KQM4Ucx3x!YskVh
                                  2024-07-03 16:09:55 UTC16383INData Raw: 15 c9 6b a0 ca 0f 98 25 3d 11 96 28 59 c6 b3 a5 13 e9 28 db ff 00 2d c9 da d6 b8 bf df 1c d2 5f 12 a8 e2 06 ca 2c 87 29 7c c7 35 8e 9a 02 b2 5e 40 03 46 4a 86 6e 2d ed e4 ff 00 6c 1e a3 f4 b6 40 40 8f 32 d2 62 ca 8d 35 65 38 8a 45 49 13 48 d4 c0 00 5a e4 0b 1d c0 17 1c f8 b6 16 a2 4b dd e6 c2 a3 c4 9f 29 5b cf c2 ce 8c cb 5a ac d7 67 f9 55 7d 76 49 59 23 2d 36 6f 4d 1b 47 76 45 d4 65 50 86 f6 d4 0d ed c6 e4 8c 6a 70 f4 da e7 5e c3 6d 82 d3 a0 cd f4 c8 d9 03 ea 3e 92 97 28 ad 92 4c b1 e4 96 82 a6 56 74 13 82 24 84 eb d4 be a3 fc a6 db 1b 5f 73 7b 58 e3 53 87 69 a5 e5 06 51 03 05 33 e5 c2 7c e9 6e bc ab 93 a7 e7 5a a8 9e 8e 2a 30 d1 4f 2b 7a 59 0b 35 d4 06 53 7d 64 5f 80 78 b0 e3 0f 90 0e 11 85 b2 b6 5e 92 ea 75 96 9e 9a 39 26 95 6a a3 a2 d5 30 31 9d 17 04
                                  Data Ascii: k%=(Y(-_,)|5^@FJn-l@@2b5e8EIHZK)[ZgU}vIY#-6oMGvEePjp^m>(LVt$_s{XSiQ3|nZ*0O+zY5S}d_x^u9&j01
                                  2024-07-03 16:09:55 UTC16383INData Raw: d9 69 88 b1 d0 65 a9 0a fa 6f b5 c6 9d 8f db 03 2d 6f ff 00 62 9b 34 5e 0c 09 f9 7e 52 b4 72 30 37 50 09 bd ce 3d 41 04 dd 79 c7 b0 44 3b 92 f9 ea 0f 7d 16 04 fb ed f8 18 98 85 3e 5d 31 37 0b b4 8c c6 f6 29 61 cd c8 e3 1c d2 66 10 cb 83 c6 54 ed 13 53 12 0a fa 36 37 23 9c 54 b4 83 05 2c 1c 2a 5e 6f 75 d8 80 c7 3b 44 6e 09 e4 5b 8b e3 a0 1b 15 05 fa 99 af 92 85 e9 f4 39 de c5 81 fd bd b1 56 c8 46 15 65 be 8a 09 22 25 ec e3 46 95 be fe 71 7b 91 29 96 3c 06 cb 6f 2b e4 44 05 52 4f 37 d5 ef 8a ae a8 0c 90 02 97 e5 76 0f aa d7 17 03 9b ed 88 94 1f 1a c5 90 a4 a1 55 d4 58 a9 56 1e a0 4f 9c 49 08 7c 41 30 00 32 14 65 42 3c a1 80 56 65 3a 49 f7 f1 88 37 88 44 99 0d 22 f0 42 fc 05 e5 0d a1 9d af 60 c0 6d c7 23 12 d1 b2 99 f2 69 98 1c bf 28 ad 1a 48 92 c1 58 91 2b
                                  Data Ascii: ieo-ob4^~Rr07P=AyD;}>]17)afTS67#T,*^ou;Dn[9VFe"%Fq{)<o+DRO7vUXVOI|A02eB<Ve:I7D"B`m#i(HX+
                                  2024-07-03 16:09:55 UTC16383INData Raw: ea 50 95 b8 bd ec a4 9b 03 fd 37 18 67 53 e9 ea 75 27 4c fe 90 b4 02 09 77 7d 16 65 d4 59 76 63 d2 9d 79 25 64 86 8e 86 93 36 91 14 0a 48 94 89 8a 31 d2 0b 7f 2b b2 dc ec 07 07 ce 36 b8 67 d3 ad 43 45 c9 6f 3d a4 7d 02 53 8b 64 81 50 0d a3 bf a7 c1 39 e6 d5 f4 51 54 8a ca 6f 96 86 9e 78 c8 9e 79 8d a9 dd 46 ed 70 0e e4 dd b5 1e 6f 6e 3c f5 29 34 cd 32 26 31 df d1 26 0c 8b 8b f7 d9 e8 86 64 59 ac 50 e6 93 25 4d 45 26 69 4d 38 f5 d1 c5 29 93 b0 c0 6a da ec 07 86 3c 9f 00 ef 82 56 d6 69 80 06 92 dd f0 ad 11 04 6f f7 fc fc 91 5a 8c f8 45 4f f3 0c 3b 71 47 2b 94 91 6d 31 92 12 4d 88 0b 7b 00 b7 d8 de db d8 62 a1 e0 91 26 4c 5e 6c bb 4e a7 69 1e dd fa af 92 7c 45 cb a3 9e 03 47 97 c7 57 40 c8 c6 58 ea a5 2c 64 22 e7 d0 77 0c 35 15 3c db 4e db 5f 05 a5 44 5d f5
                                  Data Ascii: P7gSu'Lw}eYvcy%d6H1+6gCEo=}SdP9QToxyFpon<)42&1&dYP%ME&iM8)j<VioZEO;qG+m1M{b&L^lNi|EGW@X,d"w5<N_D]
                                  2024-07-03 16:09:55 UTC16383INData Raw: 89 42 06 89 41 3e 9e de e4 1b fa 8d ad 71 fb 8c 07 85 6b 5e e3 aa ff 00 59 ea ba 91 80 47 3e e5 2c e4 1d 39 35 55 05 6d 65 74 4e 2b a2 a8 57 0e c8 a1 c5 88 e6 e2 de 6e 54 ee 76 3b 71 87 aa d5 0d 2d 6b 70 52 95 bc cf 74 e2 3b ef d9 59 cd fa 4e 8b 3a 91 a4 11 0a cc d8 83 33 16 91 56 32 bc 15 05 46 c4 1e 07 f7 c0 59 54 d3 03 66 e1 43 5e ec 13 9f b2 15 4b d3 55 b4 99 9d 24 a8 af 4d 2c 4a 13 f5 d5 81 90 12 09 51 bd 8f df c7 38 69 d5 98 e6 93 32 0a 11 32 dd 27 d7 d1 3a d4 51 55 ca 74 9a 86 a6 ec b0 62 f1 d3 87 79 05 b6 45 d3 bd bc 13 ed 8c d0 5a 2e 44 fb fd 51 8e ed 09 5b ac ea e0 a3 e9 19 8d 3d 35 65 2d 26 a0 69 5a 65 d2 7b d7 b1 da d7 04 ee 6f 7d ae 30 cd 30 e3 54 49 04 fd 91 68 ff 00 22 3e 3e a8 17 46 52 66 b4 b4 02 b6 ae a6 3a 4a 68 19 de 24 ab 72 8b 24 a7
                                  Data Ascii: BA>qk^YG>,95UmetN+WnTv;q-kpRt;YN:3V2FYTfC^KU$M,JQ8i22':QUtbyEZ.DQ[=5e-&iZe{o}00TIh">>FRf:Jh$r$
                                  2024-07-03 16:09:55 UTC16383INData Raw: 00 dd 86 fa 46 f6 b6 20 f1 1e 7f 09 c2 f1 f3 e4 8d 53 87 15 9a 5d 45 d8 c4 f4 dd 33 52 c9 95 ad 34 21 6b 24 2a 10 00 7b 04 6d 6f c6 16 2c aa 4c c7 cd 65 9e 16 a1 d9 26 3c 0b db ef 2e df e2 38 f5 8d 5e 6d b5 0c f8 6e f6 51 69 60 5b 40 27 fc 36 c4 99 46 0e 69 8d 5e ea 57 8d 02 c7 63 72 47 af fe 9f b7 e7 13 a6 0a 10 2e 04 fc 95 77 8c ab b1 02 f6 e2 f8 b5 e2 53 61 e0 b4 05 fa 35 0b b5 cd c8 df 6f 3e d8 eb ec b9 ee 26 ff 00 05 66 0d 29 2a af a5 5c dc 36 bf e5 fc e2 08 70 30 52 75 03 8b 4b b6 fa ae de a2 6b ab db 5d b6 d6 fb ea 03 c1 fe 98 a9 76 ee 55 14 d9 70 4c 7a 75 52 d4 4e d5 2f 1e bd 94 ee 58 8d ff 00 f3 6c 73 6f 30 83 4d 82 98 31 95 cc ca 11 91 a3 94 39 b6 f6 dc 5c 9f 07 f1 8a 82 46 55 9a 64 16 b8 76 17 32 6e 09 31 f6 da d7 b9 36 fe c7 17 68 23 75 2d b1
                                  Data Ascii: F S]E3R4!k$*{mo,Le&<.8^mnQi`[@'6Fi^WcrG.wSa5o>&f)*\6p0RuKk]vUpLzuRN/Xlso0M19\FUdv2n16h#u-
                                  2024-07-03 16:09:55 UTC16383INData Raw: 00 c5 94 ed 61 be df 6c 50 89 4d 83 a8 eb da ea b4 d1 bc 45 d0 5f 91 e9 e4 1b e0 72 98 63 83 a0 95 60 97 ec 85 a8 8e 70 04 60 47 be da 49 bf 07 c7 3f d6 f8 b2 15 b5 4d 32 33 7f 55 62 08 e2 a6 92 44 15 22 38 88 22 f6 d4 af b7 16 f0 7e ff 00 6c 48 4b bd ce a8 03 8b 64 fc 21 5d a6 ac 54 68 dd 96 23 68 ca 94 d3 a4 13 e4 fe 71 71 7b 25 1f 4e 64 09 cf 7e ca ad fb fa 83 2e f6 04 15 db 7b 60 e1 87 64 db 69 3e c5 aa 29 d0 c3 a6 c6 d7 f6 f7 c5 9c dd 28 ef a6 19 d5 5d a5 91 9f 49 2e 05 bc 81 b1 c3 0d 24 e5 46 9d 4d 04 05 ab 7c 33 e9 f8 7a ac 48 f0 a5 22 c7 1b f6 2a 23 48 0b 34 4a 50 85 91 59 ae 35 6a df 6b 71 e0 63 3f 89 aa 29 95 a1 47 85 2f 73 5d 02 2f 3c d6 a9 f0 e7 a2 66 c8 52 af e4 a7 a6 ee aa c7 0c 79 95 3c 23 bc 92 a3 7e aa 30 25 b6 36 00 f1 7d ec 71 95 55 ed
                                  Data Ascii: alPME_rc`p`GI?M23UbD"8"~lHKd!]Th#hqq{%Nd~.{`di>)(]I.$FM|3zH"*#H4JPY5jkqc?)G/s]/<fRy<#~0%6}qU
                                  2024-07-03 16:09:55 UTC16383INData Raw: c3 0c 7e 9c 84 b0 04 1b dd 42 99 f4 d9 4a 49 14 90 2c ab 32 d9 e2 23 d2 34 f0 08 bd c6 2e 5a 2a 10 e9 c7 7e e8 e1 c6 34 a6 7f 84 d9 8d 5d 35 55 44 f2 0a 79 12 26 32 a4 35 09 78 d8 11 70 6c 7c 0b 10 47 da d8 5e b9 0d aa d2 d1 72 9d a0 41 06 76 5e 92 c9 66 8f 26 c9 32 c8 32 cc ce a3 2c 5c da 58 ea 7b 0b 12 4f 4e 02 93 a5 58 10 2d b8 05 ae 76 fb da f8 69 8d 30 1a d3 9b ad 76 12 00 0d b0 2b 54 d5 57 9a d7 50 34 4a 4d 4b c7 f2 b5 15 51 91 db 8d 43 7d 44 83 62 1a e6 c1 77 07 7c 35 72 46 c7 09 a7 02 4a b3 d5 99 ec 79 2e 7f 97 d0 14 a9 aa 80 4c b2 d4 34 6b ae 38 c3 7a 6c fe 14 7f 37 93 60 7d f0 5a 95 d8 ca 82 9c fa f4 42 36 d9 54 e9 9c ef 27 cd 73 9a fc d2 92 b2 a6 b3 2b 05 20 96 1a 88 02 c5 0c 56 b0 bf e4 d8 db 9d c1 22 d8 b5 17 b2 a3 9c e6 99 68 e7 c9 5c 00 56
                                  Data Ascii: ~BJI,2#4.Z*~4]5UDy&25xpl|G^rAv^f&22,\X{ONX-vi0v+TWP4JMKQC}Dbw|5rFJy.L4k8zl7`}ZB6T's+ V"h\V


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  24192.168.2.449397152.199.21.1754434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:55 UTC454OUTGET /c1c6b6c8-0vkpu4mfgzituy8c7k7w3nv-1ai9iyalimupep6rc6i/logintenantbranding/0/bannerlogo?ts=638243219943629081 HTTP/1.1
                                  Host: aadcdn.msauthimages.net
                                  Connection: keep-alive
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  Accept: */*
                                  Sec-Fetch-Site: none
                                  Sec-Fetch-Mode: cors
                                  Sec-Fetch-Dest: empty
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:55 UTC617INHTTP/1.1 200 OK
                                  Accept-Ranges: bytes
                                  Access-Control-Allow-Origin: *
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
                                  Age: 18108
                                  Cache-Control: public, max-age=86400
                                  Content-MD5: NNG+NLqFdvh/wk5NYOga2A==
                                  Content-Type: image/*
                                  Date: Wed, 03 Jul 2024 16:09:55 GMT
                                  Etag: 0x8DB7ED3B51BA527
                                  Last-Modified: Fri, 07 Jul 2023 10:19:54 GMT
                                  Server: ECAcc (lhc/7936)
                                  X-Cache: HIT
                                  x-ms-blob-type: BlockBlob
                                  x-ms-lease-status: unlocked
                                  x-ms-request-id: 164c014b-101e-001b-4439-cd02a0000000
                                  x-ms-version: 2009-09-19
                                  Content-Length: 6877
                                  Connection: close
                                  2024-07-03 16:09:55 UTC6877INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff e1 00 22 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 01 01 12 00 03 00 00 00 01 00 01 00 00 00 00 00 00 ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08 00 3c 00 b8 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03
                                  Data Ascii: JFIF``"ExifMM*CC<"


                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                  25192.168.2.44940213.107.246.604434852C:\Program Files\Google\Chrome\Application\chrome.exe
                                  TimestampBytes transferredDirectionData
                                  2024-07-03 16:09:56 UTC418OUTGET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1
                                  Host: aadcdn.msauth.net
                                  Connection: keep-alive
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                  Accept: */*
                                  Sec-Fetch-Site: none
                                  Sec-Fetch-Mode: cors
                                  Sec-Fetch-Dest: empty
                                  Accept-Encoding: gzip, deflate, br
                                  Accept-Language: en-US,en;q=0.9
                                  2024-07-03 16:09:56 UTC784INHTTP/1.1 200 OK
                                  Date: Wed, 03 Jul 2024 16:09:56 GMT
                                  Content-Type: image/svg+xml
                                  Content-Length: 621
                                  Connection: close
                                  Cache-Control: public, max-age=31536000
                                  Content-Encoding: gzip
                                  Last-Modified: Wed, 24 May 2023 10:11:49 GMT
                                  ETag: 0x8DB5C3F49ED96E0
                                  x-ms-request-id: 4ced282f-f01e-004d-6996-c5e994000000
                                  x-ms-version: 2009-09-19
                                  x-ms-lease-status: unlocked
                                  x-ms-blob-type: BlockBlob
                                  Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                  Access-Control-Allow-Origin: *
                                  x-azure-ref: 20240703T160956Z-157bfc599762h8k9re6q64dkws0000000ewg00000000n830
                                  x-fd-int-roxy-purgeid: 4554691
                                  X-Cache: TCP_HIT
                                  Accept-Ranges: bytes
                                  2024-07-03 16:09:56 UTC621INData Raw: 1f 8b 08 00 00 00 00 00 04 00 7d 55 4d 6f 22 31 0c fd 2b a3 d9 ab 93 c9 f7 47 3b 20 cd 9e 38 6c af 1c b8 4d 0b 05 24 0a 55 19 41 57 ab fe f7 b5 93 a0 55 61 58 0d d8 60 27 ef 3d db 09 b4 c7 d3 ba fa 7c db ed 8f 93 7a 33 0c ef 0f 4d 73 3e 9f f9 59 f3 c3 c7 ba 51 42 88 06 57 d4 d5 79 bb 1c 36 93 da 84 ba da ac b6 eb cd 90 3f 9f b6 ab f3 cf c3 e7 a4 16 95 a8 4c c0 57 3d 6d 97 ab d7 e3 b4 3d 0e bf 77 ab 29 ef ff bc 6e 77 bb 87 fd 61 bf 7a fc e2 cf f9 db 0f 23 e8 79 fc 6a 9b bc ac 6d f2 a6 8f d5 cb 50 bd ec fa 23 ca e9 ef b1 36 d3 f6 bd 1f 36 97 75 cf 75 b5 9c d4 4f 46 80 56 dc fa 30 37 62 a6 d5 5c bb 99 0a 73 ad 66 ca cc 55 e0 de b9 4e 0a ee 42 84 e2 04 3e 12 64 04 2d 7a 0c a5 78 89 32 cb ad f1 4c 72 0b 52 72 29 dc c5 e5 ac e2 4a 46 cc 7a 19 3b 4c 68 af a1 b8
                                  Data Ascii: }UMo"1+G; 8lM$UAWUaX`'=|z3Ms>YQBWy6?LW=m=w)nwaz#yjmP#66uuOFV07b\sfUNB>d-zx2LrRr)JFz;Lh


                                  Statistics

                                  CPU Usage

                                  Click to jump to process

                                  Memory Usage

                                  Click to jump to process

                                  Behavior

                                  Click to jump to process

                                  System Behavior

                                  General

                                  Target ID:0
                                  Start time:12:09:30
                                  Start date:03/07/2024
                                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  Wow64 process (32bit):false
                                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                  Imagebase:0x7ff76e190000
                                  File size:3'242'272 bytes
                                  MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Reputation:low
                                  Has exited:false

                                  General

                                  Target ID:2
                                  Start time:12:09:33
                                  Start date:03/07/2024
                                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  Wow64 process (32bit):false
                                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2340 --field-trial-handle=2296,i,16793354073530369212,4038901630383471587,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                  Imagebase:0x7ff76e190000
                                  File size:3'242'272 bytes
                                  MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Reputation:low
                                  Has exited:false

                                  General

                                  Target ID:3
                                  Start time:12:09:37
                                  Start date:03/07/2024
                                  Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                  Wow64 process (32bit):false
                                  Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://gerflorgroup.sharepoint.com/:f:/r/sites/InternationalFinanceSeminar-June2024/Shared%20Documents/General?csf=1&web=1&e=2fBDL5"
                                  Imagebase:0x7ff76e190000
                                  File size:3'242'272 bytes
                                  MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                  Has elevated privileges:true
                                  Has administrator privileges:true
                                  Programmed in:C, C++ or other language
                                  Reputation:low
                                  Has exited:true

                                  Disassembly

                                  No disassembly